Eye on management

Also in this issue: Security and the Cloud

M a r t i n K u p p i n g e rFo u n d e r a n d S e n i o r Pa r t n e rK u p p i n g e r C o l e

A l b e r t L e eSenior AnalystEnterprise Management A ssociates (E M A)

C l i v e L o n g b o t t o mService Director Business Process Facili tationQuocirca

M a r l o n B o w s e rC E OH T K

C o n t r i b u t o r s

| THE INDEPENDENT RESOURCE FOR IT EXECUTIVES

Q1 2011 | $26

ads repdf.indd 4 15/10/10 14:29:07ads repdf.indd 4 14/1/11 10:34:32

20 Commercially, and socially, yours…

Savvy employers are looking at how to integrate social networking into their day-to-day corporate activities, but there are a few things to watch out for. CLIVE LONGBOTTOM (QUOCIRCA) takes you through the pros and cons.

24 Priceless

ETM’S ALI KLAVER talks to the CEO of HANDYSOFT, HARRY CLARKE, about BPM and why this hot technology is making enterprises successful—even in today’s tough market.

30 Outsourcing around the world

DIGVIJAY KUMAR (iGATE CORPORATION) and CAROL UNWIN (STERIA) join MIKE ATWOOD (HORSES FOR SOURCES) on a panel podcast to discuss finance and accounting outsourcing and in particular how to optimize transformation.

38 Lean, mean and perfect performance

Keeping up with the fast pace of today’s market isn’t as hard as you think. TONY BEESTON (ORSYP) talks to ETM’S ALI KLAVER about performance and capacity management and how success is possible with a little help.

42 Capturing control

Controlling your endpoints and keeping them secure is becoming a harder task than ever with each new innovation in technology. MARC BRUNGARDT (PROMISEC) says that a unique solution will enable companies to operate the way they need to. He speaks to ETM’S ALI KLAVER.

46 Communication overload

MARLON BOWSER, CEO at HTK, looks at how companies can get the most out of the increasing number of customer communication channels.

48 Problem solved

Data storage shouldn’t be a hard task, particularly with the technology available today. RYAN DUFFY (QUANTUM CORPORATION) tells ETM’S ALI KLAVER that easy adoption and integration are possible.

CO

NT

ENT

S PAGE

ETM 7 Editor and

contributors page

9 Industry snapshot

10 Special feature by Stephen E. Arnold

90 Events and features

12 The best of both worlds

PETER HÄRDI (ASCOM WIRELESS SOLUTIONS) talks with ETM’S ALI KLAVER about the cost savings of IP-DECT solutions for onsite wireless communications.

16 The last automation frontier

ETM’S ALI KLAVER talks to KEVIN PARKER (SERENA SOFTWARE) about application development and delivery.

Contents4

86 The source

Enterprise search is as much about the tools you use as the way users actually search. BRIAN PINKERTON (LUCID IMAGINATION) says that it’s search that has now become a vital part of a user’s everyday life. He talks to ETM’S PINAR GENCTURK.

52 Global networking

ALBERT LEE (ENTERPRISE MANAGEMENT ASSOCIATES) says that consistency in designing cloud computing infrastructures, and diligence in applying service management best practices, are the keys to “The Responsible Cloud”.

56 Follow the flight path

MARK KENNY(ENTERPLICITY) talks to ETM’S ALI KLAVER about the five lessons that project management can learn from aviation.

60 The Capacity Quadrant

JERRY MANAS (PLANVIEW) is a best-selling author and Planview’s senior writer and editor of PRISMS best practices. ETM’S ALI KLAVER talks to him about his most recent foray into demystifying resource management.

64 Top of the food chain

Corporate performance management software is no longer just for the most sophisticated or progressive companies, it’s something that has been made available and attainable for just about any sized enterprise. SHAWN ROGERS (ENTERPRISE MANAGEMENT ASSOCIATES) moderates a panel podcast with the expert opinion of JON KONDO (HOST ANALYTICS), GEOFFREY NG (PROPHIX SOFTWARE) and TONY LEVY (IBM).

74 Preservation and privacy

SIMON TAYLOR(COMMVAULT) says that, in order to make cloud migration work, it’s essential to involve an expert in the field and establish a methodology around how you’re going to do it.

78 Still a lot of work to do…

A lot of CIOs and CISOs don’t do upfront research and put enough thought into looking at virtualization security for their organizations. MARTIN KUPPINGER (KUPPINGER COLE) says that this is a must if security targets are to be met, and to move forward with a successful cloud computing platform.

82 Layer by layer

Delving into the specifics of being and staying secure at endpoints is a favourite topic of LANDesk experts ANDY KING and BEN HALL. They talk to ETM’S ALI KLAVER about the fundamentals of endpoint security and how it all starts with knowing exactly what is on your network.

CO

NT

ENT

S PAGE

ETM

Contents5

100% control

of every endpoint.

Everywhere. And every

minute.

We’re into control.

To learn more:Email: inquiry@promisec.comVisit: www.promisec.comCall: 1.646.616.5103

You can’t manage what you can’t see. And that’s why you need Promisec

-des

ign.

co.il

edito

r’s page et

M C

oN

tr

iBUto

rs

7

C o n t r i b u t o r s M a r l o n B o w s e r

C e oH T K

M a r t i n K u p p i n g e rs e n i o r pa r t n e r a n d Fo u n d e r

K u p p i n g e r C o l e

A l b e r t L e esenior analyst

Enterprise Management A ssociates

C l i v e L o n g b o t t o mser v ice director, Business process Faci l itat ion

Quocirca

HeadquartersInformed Market Intelligence (IMI) Ltd

Farringdon House, 105-107 Farringdon roadLondon, eC1r 3BU, United Kingdom

+44 207 148 4444

New York68 Jay street, suite #514, Brooklyn, NY 11201, Usa

+1 718 710 4876

Eye on management

Firstly, i’d like to wish all of our readers a happy and healthy 2011! as we begin this year with greater expectations of growth and stability, the it industry is preparing for some of its toughest challenges yet.

What surprised me over the past few months as i’ve been interviewing and preparing the Q1 issue is the fact that it management, in all its forms, is becoming a focus area whether that be in capacity management, business process management, identity and access management or a myriad of others.

there is a fantastic panel podcast online at globaletm.com led by shawn rogers at enterprise Management associates that deals with corporate performance management and features industry experts from such companies as Host analytics and propHiX. Be sure to also check out the transcript on page 64.

also of concern is endpoint security and, while this is a given, it still pops up in the day-to-day conversations i’m having with the analyst community. speakers from promisec and LaNdesk have some great tips and suggestions for you (pages 42 and 82 respectively).

don’t forget, we also have four analyst-driven pieces on topics as diverse as “the responsible Cloud” (eMa, page 52) to integrating social networking in your organization (Quocirca, page 20).

Finally, it’s with sadness that i pass the reigns of this respected magazine and sister website to a new managing editor. pinar gencturk joins iMi publishing from a successful tenure at Fairfax in australia and is keen to develop etM so that it far exceeds your expectations and answers aLL of your most pressing questions.

thank you for reading, and if you would like to contribute to any future issues of etM please feel free to contact pinar via email at pgencturk@imipublishing.com

ali Klaverali KlaverManaging editor

Fo u n d e r / p u b l i s h e r A m i r N i k a e i n

M a n a g i n g e d i t o rA l i K l a v e r

s e n i o r e d i t o rP i n a r G e n c t u r k

C r e a t i v e d i r e c t o r A r i e l L i u

Ju n i o r d e s i g n e rM a n a A s s o u d e h

We b d e v e l o p e rV i n c e n z o G a m b i n o

po d c a s t / s o u n d e d i t o r M a r k K e n d r i c k

a s s o c i a t e e d i t o rH e l e n a S t a w i c k i

a c c o u n t e x e c u t i v e S a n d i n o S u r e s hA l i B e h b e h a n i

J o h a n n e s Va n Vu g t

No r t h a m e r i c a n a c c o u n t e x e c u t i v e sFa r r a h Tu t t l eYe s s i t A r o c h o

J o e M i r a n d a

M a r k e t i n g e x e c u t i v eA l e x a n d r o s T h e m i s t o s

Enterprise Technology Management is published by Informed Market Intelligence

How to contact the editor We welcome your letters, questions, comments, complaints and compliments.

Please send them to Informed Market Intelligence, marked to the editor, Farringdon House, 105-107 Farringdon road, London, eC1r 3BU, United Kingdom or email pgencturk@imipublishing.com

PR submissions all submissions for editorial consideration should be emailed to pgencturk@imipublishing.com

Reprints For reprints of articles published in etM magazine, contact athemistos@imipublishing.com

All material copyright Informed Market Intelligence

This publication may not be reproduced or transmitted in any form in whole or part without the written express consent of

the publisher.

informed mar ket intelligence

ads repdf.indd 4 3/8/10 13:42:31

Ask

th

e expert

In

for

mAt

Ion

In t

he c

lou

d

Industry snapshot

companies that continue to focus on quick-fix security tools instead of strengthening and enforcing information security policies risk devastating consequences in 2011, warns Ipswitch, the secure managed file transfer company. An Ipswitch report predicts that enterprises will start monitoring and managing the information flowing to and from personal email, instant messages and cloud-based services. According to an Ipswitch survey of It executives, 40% said they routinely send confidential information through personal email to eliminate the audit trail from management. Additionally, 25% admitted to sending proprietary files to their personal email accounts with the intent of using that information at their next place of employment.Source: Ipswitch

mckinsey’s new survey finds that companies using the web intensively gain greater market share and higher margins. results show that the web 2.0 use of companies is significantly improving performance. fully networked enterprises are not only more likely to be market leaders or to be gaining market share, but also use management practices that lead to margins higher than those of companies using the web in more limited ways. The fourth annual survey garnered responses from 3249 executives across a range of regions, industries and functional areas. two-thirds of the respondents reported using web 2.0 in their organizations.Source: Forbes

The biggest security concerns for the coming year will be cyber-sabotage and cyber-espionage, say industry experts. They cite the success of the stuxnet worm in attacking industrial control systems as a prime example of what to expect in 2011. other predictions include a rise in sophisticated malware, Wikileaks-style breaches and a focus on mobile. sharing the headlines with stuxnet were the hack attacks carried out by supporters of whistle-blowing website Wikileaks. In late 2010, Wikileaks began releasing some of a cache of 250,000 leaked us diplomatic cables. The attacks took the form of distributed denial of service (ddos) that involve bombarding a website with data to the point that it is overwhelmed. net security expert dan kaminsky said ddos attacks were likely to proliferate in 2011 because of their simplicity. Art Gilliland, a vice president at security giant symantec, said the Wikileaks debacle underscored the need to shift the focus from securing infrastructure to securing content.Source: BBC

Ixia, provider of converged Ip network test solutions, has teamed with nick lippis of the lippis report to sponsor a series of open industry data center network performance and power consumption tests. The goal is to provide comparative data across several 10 Gigabit ethernet (Ge) switch providers using Ixia’s breakthrough xcellon-flex™ load modules. This test will be the first of its kind and will provide network stakeholders with real-world data that compares and contrasts different 10 Ge equipment manufacturer products for data center fabrics.Source: Axicom

In January, Gartner released its latest forecast for worldwide It spending in the coming year. Gartner says companies and governments will spend $3.6 trillion on It this year which is more than the prior $3.4 trillion forecast, amounting to growth of 5.1 %. The report has found that spending is picking up fastest on telecom equipment with computing hardware and enterprise software following close behind.Source: The Wall Street Journal

In november, oracle announced its acquisition of Art technology Group Inc., a provider of ecommerce software and related on-demand commerce optimization applications through a cash merger for $6 per share, about $1 billion. AtG’s solutions enable enterprises to provide a cohesive online customer experience with sophisticated merchandising, marketing, content personalization, automated recommendations and live-help services.Source: Oracle

2.0 Cyber-sabotage top fear

Ipswitch 2011 predictions

IT spending up Oracle’s $1b acquisition Testing, testing...

9

Google� ree years ago—August 13, 2008—eWeek published “Google Gmail, Google Apps Are Not Enterprise Ready”. Shock headlines have come to signal a publication that wants to generate more tra� c to their website, but the old shouting lead may be relevant in 2011.

� e article by Clint Boulton, however, made several valid points about Google’s enterprise products and services. � ere was a reference to Google’s problems in 2008 with keeping its Gmail service online and accessible. Mr Boulton referenced a number of industry analysts who echoed a single theme: When a cloud service goes o� ine, users cannot access their data, email or applications.

In November 2010, Google made available a number of new products and services to Google Apps customers. To control these applications, they created a dashboard-style interface. � e shi� to the new interface will probably be completed by the time you read this column.

Among the applications available are Google Voice (a Skype-in� uenced telephony service), Picasa (an image manager and search application), and a somewhat daunting three score more.

According to Google’s blog posts and public announcements, they want the enterprise to be “consumerized”. To make the point crystal clear, Google has included its CheckOut service (an online payments system similar to eBay’s PayPal) and AdWords (Google’s online advertising system). Google modi� ed its nomenclature for its expanded service.

Of interest to me are Google Apps for Business and Google Apps for Government. Google continues to land high-pro� le commercial accounts, including Genentech, Motorola Mobile Devices Division and Capgemini, among others. Perhaps Google’s biggest win in late 2010 was a deal to provide Google Apps to the US Government’s General Services Administration.

Google lost out on a similar deal for the US Department of Interior and seems to be pursuing legal action against that US government agency. When a company sues a unit of the US, that company is de� nitely serious about winning enterprise accounts.

On a recent trip to Washington, DC, I asked several government executives about their view of Google’s alleged legal maneuverings at Interior. � e answer? “No comment.” In my experience, a procurement team becoming involved in legal hassles has negative mojo.

Google has been working over the last two years to enhance its enterprise products and services. Among the notable milestones are enhancements to security. Websites and trade publications have focused

on Google’s certi� cation for the US government. FISMA is an acronym for Federal Information Security Management Act. (For details about FISMA, go to h� p://csrc.nist.gov/groups/SMA/� sma/index.html.)

However, the more interesting security capabilities appear in a 2010 white paper: Google Apps Messaging and Collaboration Products. You can download a copy of this 14-page document from www.google.com/a/help/intl/en/admins/pdf/ds_gsa_apps_whitepaper_0207.pdf.

Google acquired Postini, September 2007. Postini, at the time, o� ered security and corporate compliance solutions for email, instant messaging and other web-based communications. Postini had at the time of the deal more than 35,000 business customers and supported 10 million customers. Postini’s capabilities embraced inbound and outbound policy management, spam and virus protection, content � ltering, message archiving, encryption and specialized services to ensure that email is not changed.

� e question I o� en hear when I express my con� dence in Google’s Postini-centric security methods is: “What’s a Postini? Why have I never heard about these security services?” I don’t have an answer to these questions. My view is that Google’s marketing may not be reaching some audiences.

� e company’s main website for its enterprise apps is located at www.google.com/enterprise. A newcomer to Google’s service will � nd that each of the links reveals increasing levels of detail.

A good example is the link to Google Apps that Google says will: “Foster stronger communication and collaboration between employees”. � e subsite for Google Apps explains the bene� ts that have earned the company more than “three million businesses” as customers. � ese include Google’s cost savings compared to on-premise solutions, synchronization of mobile email and calendars, data security and Google’s “reliability guarantee” for 99.9 per cent uptime.

Of particular importance is Google highlighting 24/7 customer support. Google relies on email, frequently asked questions and Google Groups’ participants. One criticism I’ve heard is that Google can be elusive when some customers try to contact the � rm.

In early 2010, the widely-read TechDirt.com blog ran: “Once Again, Google’s customer Service Is Becoming an Issue”. See www.techdirt.com/articles/20100112/2044117719.shtml.

In my experience, customer service is an issue for many vendors. On its main Google App’s web pages Google does not provide a telephone number, preferring to direct inquiries to an Apps team member via email.

SPECIA

L FEATU

RE

STEPH

EN E. A

RN

OLD

10

Google Enterprise Apps: Forcing Competitors to React

However, you can locate Google telephone numbers via a Google search However, you can locate Google telephone numbers via a Google search point of contact, service and support inquiries go to that organization.

TMCNet.com published on December 2, 2010: “Google to Pay More A� ention to CRM” (www.tmcnet.com/channels/contact-center-so� ware/articles/122943-google-pay-more-a� ention-crm.htm). � e write up asserts; “… It’s de� nitely a good thing that Google is taking customer relationship management more seriously. It’s just a plain fact that you only get lasting business from taking the utmost care of your customers”.

When I shi� my a� ention from Google’s security and customer service to developing for Google Apps, I had to run a Google query: “Google apps enterprise developers”. Google maintains separate mini-websites for developers. I could not locate a direct link from the basic information about Google Apps for the Enterprise to the Apps Enterprise Developer information. I located useful information at h� p://code.google.com/googleapps.

In order to dig into the substantive information, you will need to obtain a free Google account. General information is available without registering, but the code examples and access to developer functions requires registration. Fees may be involved, but details of the programs can change. I recommend that you register and contact Google via email to discuss what you want to build.

� e Google Apps marketplace makes it possible to generate revenue. You can � nd this information at h� p://code.google.com/googleapps/marketplace.

� ere is one inconsistency in the information presented. Google refers to “two million businesses” in the Apps Marketplace and in the main Apps splash page as “three million businesses.” � is is a detail, and a large one. I would like to know how many Google Enterprise Apps customers Google really has.

Microso� probably questions the millions of customers count as well. Google and Microso� have been less and less reluctant to criticize one another’s enterprise products and services. � e rhetorical heat rose in the spring of 2010. One Microso� -centric blog reported: “Microso� Blogger Slams Google Apps”.

I dismissed the allegations as routine marketing. However, in December 2010, Microso� made evident its view of Google’s enterprise ambitions. According to DiTii.com, a senior manager at Microso� ’s online services unit allegedly said:

“There’s no doubt that businesses are talking to Google, and hearing their pitch, but despite all the talk, Google can’t avoid the fact

that often times they can’t meet basic requirements.” [...] “Constraints such as inadequate product support, failure to provide a roadmap, poor interoperability with other lines of business apps and limited functionality are all reasons why public sector organizations such the State of Minnesota and New York City have said ‘no thanks’ to what Google is offering.” […] “Regardless of how organizations are thinking about the cloud, Microsoft provides a choice for their productivity needs; on premises, in the cloud or as a hosted solution. Google doesn’t offer any such choice.”

� e sentiment was noted by the Wall Street Journal and dozens of other information services, including the UK publication Channel Register (www.channelregister.co.uk/2010/12/02/microso� _blasts_google_apps).

If tensions are rising between Google and Microso� , the companies are behaving in a manner familiar to anyone watching the tussle among Hewle� Packard, Oracle and SAP. � e ba� le for the enterprise is indeed serious. Litigation is, in my opinion, replacing innovation. And the stakes are high.

Enterprise vendors realize that the “shelf space” in companies for so� ware and services is ge� ing smaller. I’ve noticed that some lobbying activities are underway. Large vendors are using the resources at their disposal to gain an edge in a tough market.

Is Google ready for the enterprise? Microso� thinks so. And Brussels-based Initiative for a Competitive Online Marketplace (ICOMP) appears to be focusing some of its a� ention on Google. Coincidence? Possibly. I am fence si� ing on this imminent border clash. When big armies � ght, the grass gets trampled. Pile the bodies high and all that.

Half a world away, Facebook and Baidu are cha� ing and closer to home Google TV is mostly white noise. Perhaps Google in the enterprise will be the big winner for Google in 2011. � e company needs to diversify beyond ad revenue or be pegged as a one-trick pony for yet another year.

Google

Mr Arnold is a consultant. More information about his practice is available at www.arnoldit.com and in his web log at www.arnoldit.com/wordpress.

SPECIA

L FEATU

RE

STEPH

EN E. A

RN

OLD

11

STEPHEN E. ARNOLD

h� p://www.GlobalETM.com

AK: lET’S BEGIn WITh An InTrODuCTIOn. PETEr, TEll uS A lITT lE BIT ABOuT yOur BACKGrOunD AnD hOW yOu CAME TO WOrK fOr ASCOM?

Ph: Ascom is a Swiss-based company with headquarters in Switzerland. Th e total group has more than 2000 employees and we’re doing more than 500 million Swiss francs in revenue per year.

Ascom consists of three divisions. One is network testing that provides testing services and equipment for the large GSM providers worldwide. Th en we have security communication which is very much specialized in communication systems for the Police, military and blue light organizations. My division is wireless solutions providing mission-critical communication systems for onsite communications.

As for me, my background is actually in engineering as well as the business side. I spent the fi rst 20 years of my professional life in the IT

industry where I started off in sales and went through positions such as sales manager, then up to marketing and managing director functions.

for roughly six years I was Ascom’s managing director for Switzerland and responsible for all of our business there, before I moved to the headquarters of wireless solutions here in Gothenburg to take on the role as vice president of marketing and product management.

AK: WhAT IS ThE DIffErEnCE BETWEEn DECT AnD IP-DECT?

Ph: Actually, DECT and IP-DECT are very closely related. What they have in common is DECT, a radio standard, a pure standard on what we call the air interface for communication.

let’s say that the legacy and DECT system were connected to each other, or the network was based on classic ISDn technology. IP-DECT is actually using the same radio standard which is a very secure standard that also

hEA

D TO

hEA

D

IP-DEC

T SO

luT

IOn

S

12

The best of

both worlds

PETER HÄRDI (ASCOM WIRELESS SOLUTIONS) talks with ETM’S ALI KLAVER about the cost savings of IP-DECT solu-tions for onsite wireless communications.

As we touched on before, the DECT standard is about air interface for the communication system. Below that there is another standard which deals with how you access the handset and how the interaction is between how we call the handset; and there is a standard call GAP with dialling in between the handset and infrastructure to make the connections.

There we have a different and higher standard on what is called CAP, which is made for a big system where you can have handover from one base station to the other but also roaming—when you take your Ascom DECT handset from one proximity to the next you can go on with your calls as you would if you were on a GSM handset.

This brings us to the next great benefit of the Ascom IP-DECT system—its scalability. We can deal with very small systems up to systems with thousands of handsets. On top of that we’re able to offer customers a move migration from their legacy DECT system into the IP world, meaning that we can deploy an IP-DECT system and reuse their infrastructure.

They can keep their legacy base stations, which is a massive cost factor, and integrate it into the IP system. This was very much appreciated by our customers.

It is also a given that the handset you buy today should also be useable over the next generation, and this was proved when we made the jump from the legacy DECT system into the IP-DECT system.

This has helped us to keep the large customer base that we’ve built over the past 50 years.

AK: ThAT IS vEry IMPOrTAnT ESPECIAlly WhEn yOu TAKE InTO ACCOunT SCAlABIlITy WhICh IS vITAl fOr SMAll TO MEDIuM BuSInESSES, AS WEll AS BEInG ABlE TO InTEGraTE WITh lEGACy SySTEMS.

Ph: yes, it’s exciting because it just hasn’t been possible in the past. I personally was involved in a process where we sold the system to the largest retailer in Switzerland. We were dealing with hundreds of small subsidiaries up to the big shopping centers and I was amazed at how easily the system moved.

The legacy-based experiences were always so cumbersome to integrate and deploy in big networks and there were many hurdles in relation to third parties, so it’s much easier today with the IP system.

In fact, what we’re facing now has been very successful in Europe but not present at all in the uS. It’s interesting that we weren’t able to sell any DECT system in the uS some years ago because no one wanted it—it was an unknown standard.

There was a lot of hype around Wi-fi and wireless lAn, and some customers have already changed to the IP-DECT system even in the uS now because it’s makes more business sense. This is especially true for hospitals who want to have a very secure communication system.

AK: fOr All Of ThE CIOS AnD IT DIrECTOrS lISTEnInG TODAy, CAn yOu TEll uS ThE MAjOr ChAllEnGES ThAT ArE fACInG ThESE TyPES Of PEOPlE In ThE ArEA Of TElECOMMunICATIOnS SuCh AS vOICE AnD DATA TranSPOrT?

Ph: I would say that the challenge for CIOs, specifically in regard to communications, is that they become more responsible for the voice services within a company and in that process they may also go through a steep learning curve as I did when I came from the IT industry to Ascom.

One of the first things I learnt was that voice communication is not the same as communicating with data, it is much more challenging especially since the IP standard wasn’t made for voice communications.

for example, when you transfer data from a simple file to an excel file, it doesn’t really matter

guarantees a very high quality of speech and play transmission.

The big difference to the legacy system is that all the networking is on the IP standard. This means that you can use the common IT network of a company for all the voice and messaging communication.

This research also opened up new possibilities with regard to integrating more than one subsidiary into one system. With that I would say we entered into the new world, or more or less the best of both worlds—the secure classical DECT standard for air interface and all the value you get from a well-running IT network.

AK: PETEr, ThErE ArE DIffErEnT DECT Or IP-DECT SOluTIOnS AvAIlABlE AT ThE MOMEnT, SO hOW DID ASCOM BECOME ThE lEADEr In ThE EnTErPrISE MArKET?

Ph: While most of the other providers of some kind of DECT system are coming from the voice part of the communication, we come in and add value to the communication systems.

We never provide just voice. We’ve always been into what we call interactive messaging where we integrate our system to the processes of the business. I think that was the starting point that made us so successful in the enterprise market.

What we’ve also seen during the past year is a big movement in the communication market away from traditional PBX dominated communication into the IT market.

requirements on the openness of the system were also increasing, and I see a similar process from my experience as a junior sales in my time in IT more than 20 years ago when the old mainframe providers tried to keep all the PC and lAns out of their proprietary infrastructure.

The PBX vendors also started there and never really made or designed the solution to interact or integrate with the other solutions. So what we’re seeing and also profiting from now is the move to the IT our customers expect which is more openness from the system.

They want to have any kind of PBX or soft switch and add to those switches any handset or infrastructure which is fulfilling their needs the best. Some PBX vendors are really struggling because this does not fit in at all with their business model.

I would say that the openness of the system really helped us during the past year, and now the market is more about integrating our systems into other communication systems. Then it’s also based on the technology we’re using.

“... voice communication is not the same as communicating with

data, it is much more challeng-ing...”

hEA

D TO

hEA

D

IP-DEC

T SO

luT

IOn

S

13

AK: KEVIN, AS CHIEF EVANGELIST AT SERENA YOU MUST MEET A LOT OF CUSTOMERS IN YOUR T� VELS, SO WHAT TRENDS ARE YOU SEEING CONSISTENTLY ACROSS THE GLOBE?

KP: For the last decade there’s been a huge compression of IT budgets. I was talking to a customer recently who was saying that we’ve got to the point with IT budgets where: “� e lemon has been squeezed so tightly that there is not a drop le� . In fact, all you can actually hear are the pips squeaking!”

Our customers are under this enormous compression of the available budget, but at the same time the lines of business are bringing all those ideas forward for IT to implement and create solutions for—and they want them faster than ever. � e whole pace and cadence of

h� p://www.GlobalETM.com

HEA

D TO

HEA

D

APPLIC

ATIO

N D

EVELO

PMEN

T

16

The Last Automation FrontierETM’S ALI KLAVER talks to KEVIN PARKER (SERENA SOFTWARE) about application development and delivery.

business continues to accelerate. We now have tighter budgets and demand for faster time to market.

We are living in the most highly regulated and compliance-required environment that we have ever seen. � is in itself is piling up on the IT departments and then the business is also asking them to implement cool social media stu� and mashups.

We’re escalating the technology delivery and complexity, and we’re adding delivery to the cloud, mobile devices and embedded systems, and suddenly we’ve got increasing orders of magnitude and complexity in everything we do.

It doesn’t ma� er whether I’m in the Far East talking to a manufacturing company, in Europe talking to somebody in � nance, or here in North America in healthcare—everybody is facing these challenges and it’s got to the point now where there is nothing le� that we can do to improve delivery speed.

Remember the things we’ve tried such as outsourcing—but there’s really not much more that we can outsource. We bought every package we can and put every ERP and CRM system in place so that we don’t have the development time, and people are now asking what else they can do with less money—especially when “the pips are squeaking”.

AK: WE ALWAYS TRY TO THINK OF WAYS TO DEAL WITH THESE SORTS OF CHALLENGES, SO WHAT APPROACHES DO YOU COMMONLY FIND THAT ORGANIZATIONS TAKE TO ADDRESS THE THINGS YOU MENTIONED?

KP: As I travel the world it seems to be an almost universal truth that organizations are all looking to solve the same problems at the same time.

Year on year, as I travel around, there seems to be a focus on the same topics and perhaps that’s just the fashion. I suspect it’s actually more about maturity and people evolving their IT solutions and their approach to delivering them in a consistent way.

Right now I can tell you that it isn’t the core of application delivery that people are focusing on—it’s the book ends; the front end of the lifecycle—demand management, and the back end of the lifecycle—release management.

At the front end there are a lot of people trying to work out how to make sure that the money they spend in IT is being spent on the right things. So there is an intense focus and emphasis on understanding the demand management part of the lifecycle.

How can they make sure that, out of the business ideas that are coming in, they pick the winners? � e projects they select need to move the dial for the business the most with the least amount of investment, so where is that increased ROI from these projects not only in terms of increasing the return on investment, but also the new ROI which is eliminating the risk of incarceration?

� ere is a big focus on the front end of the lifecycle and a lot of customers are trying to get systems in place so there is greater visibility.

In fact, if there were a keyword for what has been going on in 2010 with the customers I meet, it would be “visibility”. People want to see where their projects comes in the queue; where the “waterline” is that IT is se� ing in terms of projects they’re going to do this year, and how they can negotiate and arbitrate with their peers in other lines of business.

Without a doubt, the biggest focus, and this is universally true with every customer I visit, is that the complexity of delivering applications into production today is so massive that it’s not something that we can hand to humans any longer.

We have an interesting situation in most organizations on a Friday a� ernoon when the release engineer comes in and shepherds all those deployments through until Sunday morning, makes sure that the code gets in the right place, that all the patches get applied, and that the servers get stopped and started in the right order.

But because of the complexity of applications today, and due to the interdependence between and among all the applications, we’ve reached the point now where it’s beyond the ability of individual humans to do any more.

Most of the customers I talk to are looking for two things; a way to automate the lifecycle process of release management so they can make sure that the right people sign o� on the releases, that people downstream are ge� ing clear visibility into the release calendar so they can smooth out the peaks and troughs in terms of demand for new releases, and then at the lowest level there is an intense focus on making sure that we automate so we get complete repeatability, traceability and predictability for how we deliver so� ware.

We’re now deploying into this heterogeneous set of target environments that have their own intrinsic topological and technology needs, so we have to encapsulate those needs inside technology. Everyone is looking for solutions that can make that happen.One of the critical drivers of that is ITIL.

� ere was lot of hype around ITIL three or four years ago and now that it’s gone mainstream a lot of my customers say that they’re doing ITIL. � ey’re implementing it in their own way and aren’t using all the parts of ITIL out of the book, but essentially following the discipline that comes from ITIL.

Now that there is this focus on managing changes into production it requires everyone in the lifecycle, both in the production and application of delivery environments, to get much more automated so that it’s possible to seamlessly increase the velocity of delivering to production.

� ere used to be this sense that release management was a bo� leneck and the point at which everything stopped. It was a big grind to get things out into production and that is still true in many places, but the really smart people have realized that if you can increase the velocity and the ability to deliver releases into production with crisp execution every time, you can start to get changes into the production environments that meet the rapidly changing needs of the business.

We talked about those a moment ago, and of course with new approaches for so� ware delivery like lean and agile, they absolutely demand that we pick up the pace of change and the ability to put smaller batches of change into production much more quickly.

If you don’t automate it you are going to bury the release engineers with changes and you will grind to a halt. � is is the number one focus customers have these days.

AK: SO THIS IS ACTUALLY A MASSIVE UNDERTAKING AND I GUESS THERE ARE QUITE A NUMBER OF PITFALLS THAT YOU MIGHT HAVE SEEN IN THE LAST FEW MONTHS, IF NOT YEARS. CAN YOU TALK ABOUT THOSE?

KP: Because this is such a massive problem, people are looking at automating from end-to-end so they’re looking for one-size-� ts-all solutions. � e great thing about one-size-� ts-all solutions is that you have one common technology, usually on one common platform, and it’s designed to automate the hando� from the beginning to the end of a lifecycle.

� e problem with these solutions is that in all cases they are designed for an average kind of environment. No customer is an average kind of environment.

A lot of these products are massive and have 1001 di� erent features and functions of which we use only 5-10%. Customers are struggling to make these one-size-� ts-all solutions work.

HEA

D TO

HEA

D

APPLIC

ATIO

N D

EVELO

PMEN

T

17

AN

ALYST

FEATU

RE

SOC

IAL M

EDIA

20 Commercially, and socially, yours…

Savvy employers are looking at how to integrate social networking

into their day-to-day corporate activities, but there are a few things

to watch out for. CLIVE LONGBOTTOM (QUOCIRCA) takes you

through the pros and cons.

“Vodafone suspends employee a� er obscene Tweet”. “� e day United Airlines Twi� er was hijacked”. “Facebook ‘costs businesses dear’”, losing 233 million hours of productivity per month in the UK alone, according to research carried out by UK employment law � rm, Peninsula.

� ese are just a few of the headlines from recent media platforms that make many organizations think that social networking is something to be avoided at the corporate level, and to be banned at the individual employee level.

While control is de� nitely required, social networking o� ers de� nite opportunities to a business. Locking down an employee is increasingly di� cult to do within the corporate space and impossible once they go home. So just how should an organization look at social media?

Let’s start with a few � gures. Facebook has over 500 million active accounts, with over 700 billion active minutes (over 1.3 million man years) spent on the site per month. Twi� er has passed the 200 million user mark. Foursquare has passed the two million user mark. � irty-� ve hours of video are uploaded to YouTube every minute.

Now look at the � gures for your own web site—how many unique visitors have you had in the last year, never mind the last month?

� e reach of social networking is phenomenal. Even with the accepted over-reporting of unique users of social networking sites (many people have more than one account), and the totally banal content of much of what is put up on the social web, the importance of being seen in the social sphere cannot be ignored.

Yet many organizations are, to mix a couple of metaphors, burying their heads in the sand and trying to act as King Cnut to � ght the tide of their own customers’, prospects’ and employees’ preferences.

Technical a� empts are made to block access to social sites; dictats are passed down threatening all sorts of ills on anyone found using the sites during company time, while the marketing function hides behind email and standard media-based campaigns.

It may be that this results in individuals not being able to use social sites—which has to be good surely? � ey are now fully focused on doing what we pay them for—company work.

But employees go home—where they can log onto their own machines and catch up with their social streams;“Sorry I couldn’t get back to you. Company locks me down. #Fail”. Friend responds; “What company is that? Sounds

very old fashioned”. Employee responds; “Yeah—Acme. Very old fashioned, bad place to do anything. Most people not happy”.

Well, that’s worked well for dear old Acme, hasn’t it? � e employee has low morale and feels that they are missing out because they know that friends from your biggest competitor, Globalcorp, are on Facebook all day.

Your customer base suddenly sees that the company they are dealing with is behind the curve with what is seen as almost a necessity these days. � ey also see that Globalcorp is more progressive—and probably � nd that they have their own Facebook, Twi� er and YouTube accounts.

� ey follow Globalcorp and � nd that they are o� ering special deals through these channels and are willing to engage in direct interactions. If you were in the individual’s shoes, which company would you want to do business with?

Interacting with those that are your main focus has to be the aim, but doing it in the right way and in a manner that makes economic sense to the organization. Quocirca researched a while ago into the use of social networking within the public sector and had a remarkable discussion with one local government group.

� ey believed that the best way for them to engage with the citizens they were responsible for was through social networking, but that “obviously, they couldn’t use public systems”. � erefore, they wanted to replicate Facebook. � e thought process was that because Facebook was so successful, the local government’s version of it would also be successful.

Unfortunately, they soon realized that the real world doesn’t work like that. For those who are spending a large part of their day on

Facebook, that site is their center of operations. A worthy site that provides information on a single set of needs just doesn’t cut it any longer—a “private Facebook” will die before it gets anywhere.

Organizations have to accept that their role is to take the business to the prospect—not try to drag the prospect to the business. � erefore,

the use of these mega sites has to be where the focus lies and not on trying to make people come to your site directly. � e problem lies in doing this e� ectively.

E� ective social media depends on what type of business you are and how you want to be perceived out in the market. For example, a retailer may be able to pick up a lot of followers by making special o� ers through social network streams.

Specialist companies may want to have social feeds that are driven by named people who are well known within their realm of expertise. Others may want to drive followers through free gi� s in exchange for information, links to other o� ers and so on—it comes down to what � ts with your own corporate pro� le.

However, when compared to a standard website, it has to be remembered that social networking is far more “of the moment”, and that an organization has far less control over something once it has gone out.

� ose who are tasked with managing social media streams must be seen as trustworthy. � is is not the place for an unhappy employee to be given a corporately endorsed voice. � ey have to be tied in to what is happening within the business. Whatever is promised through social networking has to be known by sales, marketing and the contact center to maintain cohesion for the overall corporate strategy.

� e various streams have to be kept in synch. � ere is no point in advertising one o� er on Twi� er that is then o� ered in a di� erent manner on Facebook. � e users following your organization through both sites will only get confused.

Content � ltering can be of great use here

in ensuring that content of certain types does not go out either accidently or maliciously. Intellectual property can therefore be protected, but more importantly, an organization’s brand and pro� le can be maintained through ensuring that racist, sexist and other o� ensive material, as well as intellectual property, can be blocked before it hits public sites.

AN

ALYST

FEATU

RE

SOC

IAL M

EDIA

21

“... grab the opportunity and use it, join the rest of us out

there, and see what can be done.”

Priceless

ETM’S ALI KLAVER talks to the CEO of HANDYSOFT, HARRY CLARKE, about BPM and why this hot technology is making enter-prises successful—even in today’s tough market.

Ask

th

e expert

Bu

siness pro

cess m

An

Agem

ent

24

h� p://www.GlobalETM.com

Ask

th

e expert

Bu

siness pro

cess m

An

Agem

ent

25 Ak: hArry, tell us ABout hAnDysoFt?

hc: Th ere are a couple of great things to start off with. Firstly, 2011 is a big event at handysoft —our 20th anniversary. As is the case with most of these signifi cant events it’s a great time to look back and refl ect on the journey you’ve had.

We’ve been remarkably consistent on our mission—our vision—for the entire 20-year period. today, as it was 20 years ago, our mission and vision is still to deliver process innovation that results in very compelling customer successes.

honestly though, that vision isn’t unique to us. Th ere are companies in our space that have very similar visions, but what separates handysoft from the others is the lifecycle or journey that we’ve come through.

i think about handysoft ’s evolution in three phases. Th e fi rst phase for us started in 1991 and i think of it as our process automation expertise phase.

During that seven year period, spanning 1991-98, we didn’t have a technology solution. We were consultants working around the globe, doing business process automation and process re-engineering kind of engagements.

Th roughout that period, and as our engagements got bigger and more challenging, we identifi ed the need for a technology solution that would allow us to engage with a best practices kind of methodology and approach and deliver very consistent results—but to do it much more quickly than if we approached each engagement as totally separate.

so three and a half years into that seven year journey we started developing that solution. Th e launch of the solution in 1998 is the second phase of our handysoft journey, what i call the BizFlow evolution.

in 1998 we delivered BizFlow version one, we had offi ces around the globe, and the solution was adopted quickly. it took off in governments, manufacturing organizations (particularly technology manufacturing), and most other industries as well.

on a side note, BizFlow is on version 11.5 so it’s a very mature product, but the Bpm solution that we have today, although it has evolved far beyond where we started, still has the same foundation principles that we started with—to be the fastest, most innovative, most fl exible business process automation solution in the market.

today we have thousands of processes completed across hundreds of customers with millions of users. so it’s a great story.

in 2008 we entered the third part of our journey. Th is was an epiphany moment for us when we were in a senior management planning session and looking at how we engineer our business to be even closer to our customers.

one of the things we did in the session is, out of all the metrics that we use to measure our business, we locked down on one that would be the single most important measurement that we would focus on and talk about every time we got together as a management team.

Th rough that process we identifi ed and unanimously selected customer success as our most important measurement. But what’s unique about it is how we measure customer success.

We decided we would measure it in the trenches, project by project, and we do hundreds of these a year. Th e metrics by which we would measure that was if the project was accomplished on time, under budget, were the end users engaged in using the solution and was the solution achieving its roi.

With that as our mantra did a lot of validation, so now we’re in our third year of what i call our customer success phase. We’ve learned a lot and we are so much smarter about

how we help customers succeed than we were even three years ago.

in this cycle we came to the belief that process automation for our customers is built on three pillars. Th e fi rst is methodology and approach—how we help customers adopt a successful approach that is unique and fi ts nicely with their business.

Th e second pillar is all about talent development. if you took apart a process automation journey you would fi nd six diff erent types of roles or users that are involved in it, from design, through development, implementation and use.

so we developed an architecture around how we help our customers develop the talent they need to succeed and that starts with something that we call handysoft university. Th en it moves into something that’s really creative, what we call “trainmentation”, and

that’s actually training and mentoring and implementation on the customer, with their project.

Th e last phase of that talent development journey is what we call advanced development. Th at’s around what we call rpm or rapid process management, and it’s also around enabling what we call enterprise self-service. so talent development is the second pillar.

Th e third pillar is technology innovation that is all about BizFlow plus, enterprise self-service, and how we work with companies to help create user interfaces that the users love to engage with.

Ak: i’m Assuming thAt you’ve Been With hAnDysoFt AnD Driving thAt customer sAtisFAction Focus From the Beginning, WoulD i Be right?

hc: i work for Jae Ahn, he’s our chairman and one of the two founders of the business.

i’ve been with handysoft for three years now and came in during the technology phase of our journey and have been here through

the inception of what i call our customer success phase.

Ak: FAntAstic, AnD congRA tulAtions For celeBRA ting your 20th AnniversAry next yeAr.

hc: Th ank you so much.

Ak: it’s Quite A FeAt, especiAlly in the it inDustry. For my next Question i WAnteD to tAlk ABout Bpm BecAuse it’s emergeD As one oF the hoTT est technology sectors. Why Do you think this is?

hc: i would suggest that it’s because Bpm enables business systems to be developed and to evolve at the speed of business. in other

“... achieving your business automation

objectives, on time, under budget, and

producing a compelling rOi with

delighted users—priceless.”

h� p://www.GlobalETM.com

MA: FIrstly, I’d lIke to Ask eAch oF you to spend A MInute IntroducIng yourselF. dIgvIjAy And cArol, pleAse tell us A lITT le bIt About your bAckground.

dk: I’m the vice president for itops delivery at igate and I lead the fi nance and accounts function and service delivery for the other shared service off erings we have. I also run the voice-based contact center and insurance operations for igate globally.

I have many years of experience, primarily in the off shoring space, and have had the opportunity of migrating and sett ing up operations for multiple clients all across the us, europe, canada and Australia. Th e primary focus has been on the F&A side.

cu: I’m the group bpo development director at steria. I came to this role having worked for many years in It outsourcing and major projects and transactions to customers. we went into F&A about eight years ago and at that point I moved into F&A as well and have been working there ever since.

our work nowadays spans F&A and what we call vertical bpo which are the industry-specifi c business process services that we deliver for a number of our clients in a number of sectors.

MA: I’d lIke to stArt todAy by AskIng eAch oF you to tAlk About your F&A bpo oFFerIng In terMs oF the FunctIons thAt Are Included. we sAy FInAnce And AccountIng And It cAn MeAn A lot oF thIngs; pAyAble, receIvAble, credIt collectIon, genera l ledger postIng, procureMent And so on.

then IF you could tAlk About how bIg your busIness Is In terMs oF the clIents you ActuAlly servIce, how MAny people you hAve doIng thIs work, how MAny servIce centers you hAve And where those servIce centers Are locAted, thAt would be greAt.

It’s quIte A lArge questIon to Answer. cArol—lAdIes FIrst.

cu: Th at’s lovely. As I said in my introduction, steria moved into F&A outsourcing around eight years ago and our foundation client was british telecom. we were very fortunate when we took them on in that they came with a very large range of services.

exec

ut

Ive pA

nel

FInA

nc

e An

d Ac

co

un

tIn

g o

ut

sou

rcIn

g

30

DIGVIJAY KUMAR (IGATE CORPORATION) and CAROL UNWIN (STERIA) join MIKE ATWOOD (HORSES FOR SOURCES) on

a panel podcast to discuss fi nance and accounting outsourcing

and in particular how to optimize transformation.

Outsourcing around the world

In terms of our bpo off ering, that really helped us shape our off ering, and with that came requirements such as payable, general ledger, banking, fi xed assets and a litt le bit of procurement, plus something that is unique to the uk telco sector which is reporting to the regulator.

As we’ve taken on new clients over the years we’ve increased the scope of our off erings so we have a signifi cant receivables and collections business now. For instance, for the nhs (national health services) in the uk we collect around £11 billion a year of debt for them so we have a broad range of services.

A number of our clients also come with payroll requirements, so we deliver payroll services as part of our F&A off ering. some clients also have procurement requirements and that can range from sourcing, which we do in a few categories, through to the procurement administration which we do a lot more of.

so it is a big range of activities, and as we grew we evolved the number of centers that we deliver in over the years. Initially we took on the staff from bt and acquired centers in places like Manchester, birmingham and london in the uk.

over time we migrated work to India and we have some major centers there, particularly for F&A in pune and chennai, and then we provide a lot of voice sources to supply employee helplines in noida as well, so we are using India signifi cantly.

over time we have had more and more clients come on board and in the last few years we’ve increased our bpo footprint in europe. we operate customer centers in spain and are able to deliver bpo services in poland. Th ese are not so much based around F&A but upon other bpo requirements that our clients have across the world.

we run one of the largest joint ventures in the F&A world with the nhs in the uk, and that means that we have between 130-140 F&A clients providing full service right through from payables and receivables to payroll and procurement services.

some of those clients are nhs clients, but we also have a number of bespoke clients outside that.

MA: so when you wra p All thIs up And you get All these clIents, how MAny people do you hAve thAt Are supportIng thIs eFFort?

cu: we certainly have quite a lot. I was trying to add it up before we started talking

today and I think if I said there was 4000 people in our bpo practice I wouldn’t be far wrong.

Th e largest volume of these people are in India. I couldn’t break out the F&A numbers separate from the bpo, but it is about 4000.

MA: dIgvIjAy, cAn you tAlk About whAt Is Included In your oFFerIng And Any oF the stAtIstIcs About the nuMber oF clIents, people And so on?

dk: we have actually segmented our F&A off ering into procure to pay, order to cash, record to report, and other services such as vendor master management, asset accounting and business analytics.

Th e fi rst three are actually end-to-end service off erings, particularly procure to pay, order to cash, and record to report. within each of these large areas we do a lot of work. For example, in procure to pay we would manage everything from procurement, accounts payable, vendor reconciliation, supply performance, management analysis, and even expense accounting.

on the order to cash side we would further subdivide it into invoicing, collections, cash applications, managing aged debtors and managing customer reconciliations. In that group we’ve got multiple clients that may start either with an end-to-end service off ering, or they may choose to start off the relationship by contracting in one particular area, and as they experience the service delivery the relationship can grow in terms of Fte strength.

to put it in perspective, we currently have nine active clients but they vary from each location. we currently have clients in the us, canada, the uk and Australia, and they range from a $35 billion fi nancial conglomerate to the government of Australia. so the spread and the range are wide when it comes to clients using our service off erings.

to answer your question on how many people and service centers we have, our bpo off ering is prett y robust. we have around 2000 people spread across bangalore and noida in India, and between Mexico and Australia. out of these 2000 there are about 800 people that are dedicated to the fi nance and accounting function.

MA: oKA y, so both oF you Are delIverIng servIces out oF IndIA And other plAces Around the world. let Me throw A questIon In here becAuse It’s soMethIng thAt AlwAys coMes up when I deAl

wIth clIents. It’s to do wIth the FAct thAt englIsh Isn’t AlwAys A coMMon lAnguAge, And Indeed cAn even vAry by country.

how Are you hAndlIng the Issue oF Accents And geTT Ing people In dIFFerent pArts oF the world to understAnd one Another?

dk: In fi nance and accounting processes, other than for certain processes like collections in particular, most of the transactions require people to be conversant with the writt en english language without actually gett ing on the phone and speaking.

so for the majority, and because most education systems are in english or off er english, it doesn’t matt er whether we’re talking to Australia, Mexico or India. Th is isn’t a challenge.

when it comes to voice-based interactions we choose people who speak in a neutral accent that is clear. we check this during the interview stage and these are the kind of resources that would be sourced to be embedded in any programme.

cu: I agree with digvijay, and I think our approach is probably very similar. we would separate out those functions that are voice dependent and those that are what you might call back offi ce transactions dependent.

obviously the mass of transactions are back offi ce dependent but the big thing is: why do you need voice? you generally need voice if somebody phones up because they haven’t been paid or they want to fi nd out the status of their expenses and so on.

so if it is a supplier or employee requirement then there are things you can do to neutralize the issues of voice anyway, and you can start to put in portals and proactively give information to the people buying into the service. Th at way you reduce the dependence on voice and language because you can provide portal information in any language that people might want to receive it. so that is one of the things to look at.

Th e other thing is ensuring that, where you do need voice, it’s the best quality voice you can get. digvijay already said that we invest a lot of time and eff ort in language lab and making sure that the people who are speaking speak the language that everybody will understand. Accent neutralization is also very important.

Funnily enough, the regional accents in the uk can be more complex and more diffi cult to

exec

ut

Ive pA

nel

FInA

nc

e An

d Ac

co

un

tIn

g o

ut

sou

rcIn

g

31

HEA

D TO

HEA

D

PERFO

RM

AN

CE A

ND

CA

PACIT

Y MA

NAG

EMEN

T

38

Lean, mean and perfect performanceKeeping up with the fast pace of today’s market isn’t as hard as you might think. TONY BEESTON (ORSYP) talks to ETM’S ALI KLAVER about performance and capacity management and how success is possible with a little help.

h� p://www.GlobalETM.com

AK: TONY, YOU’RE A PRODUCT MARKETING MANAGER AT ORSYP. HOW DID YOU GET THERE AND WHAT DO YOU DO TODAY?

TB: Nearly 30 years in IT has given me a good personal view of all the changes within IT. I started o� in the mainframe world developing so� ware for business, and then moved all the way through open systems and into our modern technology today. It’s been an interesting journey and I’ve actually done most jobs within IT.

Today, I’m in product marketing and its purpose is to determine the future requirements to address our customers’ needs. We talk to the industry, our customers and our competitors to identify what people need, then we drive that through our business and release it out into the market.

ORSYP is an independent so� ware company and we specialize in solutions for the IT operations market. We’ve been around for 25 years and have a presence in all the major regions around the world with two major � agship products; one in workload automation called Dollar Universe, and one called Sysload which specializes in both performance management and capacity management.

AK: LET’S TALK ABOUT THE CHANGES YOU’RE SEEING IN THE PERFORMANCE AND CAPACITY MANAGEMENT MARKET. ARE THEY QUITE EXCESSIVE OR ONLY SLIGHTLY ALTERING WHAT IS ALREADY ESTABLISHED?

TB: It’s an interesting market at the moment. Capacity management means di� erent things to di� erent people.

For example, ITIL version 3 has a series of best practices for capacity management, so people who have invested or are investing in ITIL are starting to implement these processes around the technology level, the service level and the business level.

� e � rst of these, the technology level, is what we have been doing all the time. � e service level is starting to have more impact, people are starting to do more of it, there is more traction around it, and some people have even moved to the business level although they are few because there is very li� le so� ware to help you move into that level.

� is last point is the one that actually allows IT to operate as a business and provide be� er value to organizations.

have this information that it’s not isolated or si� ing in a silo all by itself.

If a problem is detected you need the performance information from the hardware layer to isolate the problem and resolve it—the performance management side of the equation.

� is level of information then allows you be� er insight into how your applications use the hardware, and also allows you to lower these head rooms for lean management and the costs associated with it with the assurance of no impact to the service level that you’re delivering.

� ere are many ways to capture the user experience and all give you a good indication of response, but in my opinion the best method is scenario replay. Here the actual work carried out by a user is undertaken automatically at the location the user is in, and therefore you get the real responses that the user experiences.

Other mechanisms such as probes give you a good indicator to the response but it’s much more technical to implement and still misses some aspects of the user experience itself. It is more a technical monitoring solution for the applications. Having said that, many people are using it today and are very happy with the results.

A good example for us is a customer who is a juice maker. � ey use our solutions and monitor their actual user experience in 20 di� erent locations within their organization. It is one of the primary dashboards in their data center and if their users begin to experience degradation or a problem then IT is informed immediately.

� is identi� es the service that is causing the issue and the infrastructure that is supporting it, and they can see in detail what is happening, how it is di� erent from normality and shorten the time to repair on the problem.

Obviously they’ve already automatically informed the users that they’re working on their problem and the user may not yet have realized that they actually have a problem, so this is improving the service that we deliver back to those who ma� er—our users.

AK: YOU MENTIONED PERFORMANCE MANAGEMENT—DOES THAT NOT ALWAYS COME WITH A CAPACITY MANAGEMENT SOLUTION?

TB: To a degree, it does. It is impossible to undertake capacity management without collecting performance metrics for what is actually going on.

Outside of this we see a move to a lean management process approach to capacity. � is is making the best use of the infrastructure that already exists and providing a service that consistently delivers value to the business at the right cost.

� e majority of companies are still using the more traditional routes in capacity management with trend analysis, the “what if ” scenarios and utilization reporting.

AK: YOU’VE BROUGHT UP LEAN MANAGEMENT—HOW DOES THAT DIFFER FROM T� DITIONAL CAPACITY MANAGEMENT?

TB: Lean management, in simple terms, is the elimination of waste. It is a continuous process instead of a planning exercise.

Retailing, manufacturing and others have already gone through these changes and they found signi� cant cost savings and bene� ts to the business, and it now seems that it’s time for IT operations management to move into the same area.

For example, the head room on our infrastructure is e� ectively wasted if it is never required, but we see potential waste at di� erent times during the day and con� gurations need to be more dynamic based on the load being demanded. � is move to virtualization has made the elimination of this type of waste possible.

� ere is also waste in the infrastructure that’s been provided but is no longer required or used properly—virtual service sprawl is an example of this.

� e more traditional planning involves understanding the load placed on our infrastructure by our business applications and making certain that falls with service delivery requirements, while also providing tools to predict the future requirements to maintain those levels both upwards and downwards.

AK: I’VE HEARD ABOUT END USER EXPERIENCE MONITORING. DO YOU SEE THIS AS IMPORTANT?

TB: It’s actually becoming essential. In fact, it becomes very di� cult to implement ITIL capacity management or indeed lean management without it.

As far as service levels are concerned, it doesn’t ma� er if the hardware is used 30% or 90%—it’s what the user actually experiences. However, it is very important that once you

HEA

D TO

HEA

D

PERFO

RM

AN

CE A

ND

CA

PACIT

Y MA

NAG

EMEN

T

39

HEA

D TO

HEA

D

CO

NT

ROLLIN

G EN

DPO

INT

S

42 Capturing control

h� p://www.GlobalETM.com

Controlling your endpoints and keeping them secure is becoming a harder task with each new innovation in technology. MARC BRUNGARDT (PROMISEC) says that a unique solution will enable companies to operate the way they need to. He speaks to ETM’S ALI KLAVER.

AK: WHAT CUSTOMER PROBLEM ARE YOU SOLVING AT THE MOMENT?

MB: Promisec helps companies regain control of their endpoints—speci� cally their laptops, desktops and servers. We address several inherent challenges of managing endpoints e� ectively, like visibility, for example.

When it comes to endpoints many companies don’t have a good handle on what they have and what’s going on. � ey don’t know if they have unmanaged or rogue devices on the network.

� e companies own and depend on a host of agent-based solutions for mission-critical tasks including things like antivirus encryption and patch management solutions. When those agents fail, so do the mission-critical tasks associated with those tools.

End users are a common egress point as well. As we know they can and will do things that complicate endpoint control. And last but not least, while the Windows environment is very powerful, it is subject to change by intent or accident which can cause signi� cant disruption in unexpected and unnecessary ways.

� e way the industry has addressed this fragile nature of the Windows environment is by laying product upon product on top of that OS to protect both the environment and the data that resides on those endpoints.

� e fact is that these agent-based layers for AV, patch and DLP are just as susceptible to changes as the OS, therefore it requires a non-agent based approach that is not dependent on WMI or GPO to work.

At the end of the day, these things add up to a loss of control at the endpoints and that’s

where the value proposition of Promisec comes to bear.

I’d like to share a quick real-world example of the types of things we see. Recently I was working with a large regional insurance company in the north east. � ey had approximately 10,000 endpoints and upon � rst inspection we realized that almost one third of the endpoints were severely out of compliance for their internal patch policy.

� ese problems were multi-fold. A couple of things were going on. � ey had endpoints

that didn’t have the agent for the patch management application installed at all and, perhaps more commonly, they had a bunch of agents that were installed but required processes that weren’t running for that solution.

In this organization they had a segregation of duties between the endpoint security team and the patch management team. � e patch group felt their job was done as long as they were pushing the patch three times. � e problem was that there was no validation, the patches were successfully making it to the endpoints, and they had no plan for contingency of failure.

One can imagine the concern from the security team when they realized that 3000 of their machines unknowingly contained critical vulnerabilities. � is is a classic example of loss of control at the endpoints.

Lack of visibility kept the problem unseen, required processes associated with their patch management application were failing rendering those solutions ine� ective, and the net result was a signi� cant vulnerability in those organizations.

AK: WHY ARE THE THINGS YOU JUST TALKED ABOUT A PROBLEM? I WOULD HAVE THOUGHT THAT EXISTING ENDPOINT MANAGEMENT TOOLS WOULD HAVE BEEN SUFFICIENT. IS THIS THE CASE?

MB: Companies are using all types of strategies for managing endpoints. � e one thing they all have in common is that they rely on those same agents for their functionality. Because they’re agent based they’re subject

to the intrinsic limitations of all agent based solutions.

Promisec does have overlap with functionality of some of those solutions but we don’t really consider them a competitive product at all. In fact, we actually complement those solutions by making them work be� er, thereby avoiding a very costly rip and replace scenario.

As another example, we recently worked with a large metropolitan city agency with a li� le more than 20,000 endpoints. An initial inspection showed that more than 40% of

their endpoints were out of compliance for their antivirus solution. � e problem was that this agency was relying on the AV console and, based on some mistakes made during a product refresh, those machines were not being managed correctly by the console.

Promisec does not compete or provide the same functionality at all as the AV vendor suite provides, but we did compliment it in a big way by being able to restart stop services, we validated that required services and processes were running, that all machines were being managed and running the latest DAT � le, and all of these are functionalities that the AV vendor cannot provide.

� e net result was a 40% improvement in their AV security posture.

IMPACT ON END (POINT) GAME

AK: SO HOW EXTENSIVE DO YOU THINK THE ENDPOINT CONTROL PROBLEM IS?

MB: Typically we � nd that 20-30% or more of an organization’s endpoints will fail a compliance check, not necessarily for a standard, but for those company’s speci� c policies—what they need or believe is occurring on their endpoints.

We publish an annual audit report that is available on our website at promisec.com. It explains in greater detail about the usual suspects internally, as we refer to them. So now would be a good time to make a suggestion based on the ease and speed of our solutions.

Companies might also want to consider a proof of concept of their own network. � ere is

no cost or obligation and in less than one hour we can inspect several thousand machines and provide an executive report on our � ndings. At the least, everyone always � nds this to be a very insightful opportunity.

AK: WHAT IS THE IMPACT TO IT ORGANIZATIONS THAT DON’T LOOK AT RESOLVING THIS ISSUE?

MB: � is is a great question and one that I like to turn around to our customer by

HEA

D TO

HEA

D

CO

NT

ROLLIN

G EN

DPO

INT

S

43

Few would argue that there has been a communications revolution over the last decade. � e explosive growth in web use, email and the range of mobile communications have given businesses the potential to dramatically improve the way their interaction with customers and increase satisfaction and brand loyalty.

In a recent Forester Customer Experience Survey, customer experience was rated as more important than low prices across all 12 sector categories from banking and insurance to PC manufacturers and service providers.

But it is not just about customer service; businesses should be making use of these channels to promote new products and services to increase revenue.

� e problem is that all too many companies are not only failing to grasp the opportunities that these communication channels bring; but they risk irritating and alienating customers by ge� ing it wrong or simply not being equipped to handle so many contact methods. � e result is disjointed, unpredictable and unreliable communication on all fronts.

Maybe this is not surprising with so many ways for customers and businesses to connect—email, web forms, social media forums, instant messaging, twi� er, SMS and of course the old faithful phone, fax and post.

What is lacking is true integration between the communications channels and CRM systems. While most companies have the ability to send and receive messages in a variety of ways, they work independently of each other.

Knowledge captured by a CRM solution needs to be harnessed and used dynamically to deliver highly tailored, targeted multi-channel marketing and customer service, every step of the way.

In fact, it is possible to use the information held within an existing CRM system to personalize each and every customer interaction. And by acknowledging customers as individuals and treating them accordingly, negative experiences can be avoided. Instead, positive emotions such as feeling valued and cared for can add to a positive experience and enhance loyalty.

� e problem is that most CRM solutions are designed to capture and analyze information and ensure maximum e� ciency in dealing with and managing customers. � ey are not designed to support direct interaction with customers.

So while CRM systems can help to get things operationally right, they do not look at the wider issue of improving the whole customer contact experience.

Each of these has the potential to shape and change the all-round customer experience in an instant. For example, it’s great to send a customer a tailored o� er via email that has been cleverly based on their recent buying habits, but if they end up on hold for ages or there is no record on the system when the customer calls, all the hard work is for nothing.

In fact, it is likely that the customer will be less loyal that they would have been had they never received the special o� er.

So what needs to be done to avoid mistakes and take full advantage of this new world of choice and instant communication?

� e missing CRM link One problem is that the increase in the number of new customer contact points has meant that many organizations are struggling to provide a seamless and personalized service because their CRM solutions are simply unable to cope.

At the same time, tech-savvy customers have become increasingly demanding, expecting far more from their interaction with a brand. � e younger generation in particular know how to use communications technology and expect a more immediate and far richer, personalized experience from the companies they deal with—and rightly so.

CEO

FEATU

RE

CU

STOM

ER R

ELATIO

NSH

IP MA

NAG

EMEN

T

46 COMMUNICATION OVERLOAD

MARLON BOWSER, CEO at HTK, looks at how companies can get the most out of the increasing number of customer communication channels.

One of the most important and seemingly simple things to get right is to understand how customers want to be contacted. But all too o� en companies just play lip service to this. � ey ask the question and then � le the answers neatly away in a CRM system before emailing everyone, just because it’s quicker and easier that way.

Rather than expecting customers to � t around the way an organization does business and communicates, these processes should be, where possible, automatically adapted to meet individual customer’s needs.

Knowing how, when and why customers want to interact and acting upon this information is extremely valuable. Having to tell a customer “the computer says no” is simply not an option when they have asked what seems to them a simple request such as a: “Could you text me to remind me about my delivery?” or a: “Please don’t call me” email.

To get the most out of CRM data, there has to be a further link. It has to be opened up to all of the people and systems across the organization that have any customer contact. But this can take a serious amount of time as well as money, and also presents signi� cant operational challenges in terms of performance, governance and day-to-day control.

What’s needed is a secure and controlled environment that can make CRM data readily available to customer service, marketing and other business departments on demand—in essence, agile CRM.

By making CRM � exible and integrated with communication channels, new and improved business processes for improving customer interaction can be rapidly tested and operationally deployed without the risk of disruption to existing systems.

A new generation of multichannel marketing and customer service automation solutions, such as HTK’s Horizon™ platform, help to unlock the customer interaction

Marlon founded HTK in 1996, with responsibility for technical direction and core applications development. In 2003 Marlon adopted the role of CEO to lead the company into position as a leading managed service provider. Before HTK, Marlon worked for � ve years as a consultant engineer to BT Laboratories Advanced Research and Technology division, designing and developing some of the � rst systems to exploit speech technology in a digital telephony environment.

Marlon graduated in 1991 from the University of Manchester Institute for Science and Technology (UMIST) with a � rst class honours degree in Computation.

Marlon Bowser | CEOHTK

potential of CRM, enabling a more personalized approach to customer service and marketing automation.

Look who’s calling? With the sheer volume of incoming communications, many businesses � nd it hard to di� erentiate between important calls and messages that need to be actioned immediately, and those that have a lower priority.

For large customer-facing organizations in particular, it is important to automatically recognize incoming customers along with the value and nature of the contact; be it an ongoing complaint, service renewal or late bill payment, for example.

In the case of an inbound phone call, it should route them automatically to the right person, avoiding leaving them frustrated because they are waiting in the queue or navigating IVR menus. � is streamlines the process and prevents wasting the valuable time of both the customer and the service operators.

For utilities and telecoms providers, it is also possible to use the same technology to play automated messages to update customers calling from a particular location that has been a� ected by a service outage, for example.

� e system can also intelligently “guess” the most likely reason for a call if customers have just been sent their bills or speci� c personalized marketing promotions. Email and SMS messages can also be routed automatically based on knowledge built up about the customer.

� is makes customers feel valued and important. � ere is nothing more frustrating than ge� ing the impression the company you have given your business to knows nothing about you.

Bringing it all together With so many communication options, it is also essential to control the sequencing or interaction between di� erent channels. An SMS

that was sent a� er an email may actually be read � rst; or a phone call could be made before an earlier email has got to the right person or department.

� is not only leads to confusion and wasted time but may well end in the loss of the customer altogether if there is no knowledge of order between disparate communication systems. By bringing it all together into one multi-channel platform this can be easily achieved.

In the past, poorly executed automated communication technology has earned itself a bad name. Spam emails to outbound voice marketing and complicated “press 1, 2, 3” menus that seem to bear no relation to what the call is about are obvious examples.

However, these technical capabilities that were originally introduced to cut costs can actually help deal with the communication overload and improve the entire customer experience.

Instead of a random, obtuse email, how about a timely email with options when the customer’s contract is about to end? Or an outbound message to let them know that their train is running late and an IVR menu that immediately o� ers to route them where they want to go?

Suddenly, it’s a whole di� erent picture. Even be� er—when the outbound method of communication is the one the customer chose in the � rst place.

It is only by integrating all customer communication into one cohesive platform integrated with CRM systems that businesses can truly harness the enormous potential of advances and variations in the communication channel. Once that is achieved, it is possible to personalize interaction to keep customers satis� ed, deliver a whole a new level of customer engagement and gain a competitive edge.

CEO

FEATU

RE

CU

STOM

ER R

ELATIO

NSH

IP MA

NAG

EMEN

T

47

AK: TELL US ABOUT QUANTUM AND HOW YOU CAME TO WORK FOR THEM.

RD: Quantum has been in the tape and storage business, and data protection in general, for over 30 years. We’ve had a number of di� erent products and acquisitions throughout that time and have been a leader in tape automation with SDLT and LTO, being part of the LTO consortium, and now with their market leading scale of products.

My story is quite interesting. I’ve been in the storage business for over 10 years and a good part of that has been with tape speci� cally. When I was with Sun and StorageTek I always admired the Quantum solution, particularly what they did with their management solution—iLayer management.

It was a tough thing to compete against because it provid ed a lot of value to customers. So when I saw the position come open to manage these products I jumped at the chance.

AK: I GUESS IT’S NO SECRET THAT ENTERPRISES HAVE TO DO A LOT MORE WITH A LOT LESS. IN YOUR OPINION, HOW ARE BUSINESSES COPING WITH THIS SITUATION BECAUSE I KNOW A LOT OF THEM ARE LOOKING AT THINGS LIKE VIRTUALIZATION AND THE CLOUD IN ORDER TO EASE THE BURDEN. IS THIS TRUE PARTICULARLY WITH DATA STO� GE?

ASK

TH

E EXPERT

D

ATA STO

� GE A

ND

TAPE T

ECH

NO

LOG

YOG

Y

48

Problem solved

Data storage shouldn’t be a hard task, particularly with the technol-ogy available to-day. RYAN DUFFY (QUANTUM CORPORATION) tells ETM’S ALI KLAVER that easy adoption and inte-gration is possible.

h� p://www.GlobalETM.com

cartridge. � at’s four times what customers had with LTO-4. In addition to that, the performance increases for throughput and streaming data to the tape has also increased—it’s 75% faster than what customers had with LTO-3.

So when you combine those two features, it helps customers do more in a smaller footprint with less power and in a shorter amount of time. In addition, because they’re using less equipment, their maintenance costs go down. � en they’re managing fewer devices since they can have fewer tape drives, so they save money there as well.

LTO-5 also has the promise for a lot of savings down the road. With LTO-5’s new feature, you can now partition not just the physical library, but an individual cartridge as well. With the new linear tape � le system, LTFS, there’s going to be applications that come down the road that o� er a � le system on a cartridge, so it will make tape look very similar to what your hard drive looks like on your PC where it will be possible to just drag and drop � les.

Traditionally, tape has been a li� le more challenging to manage for some IT managers, but with this new feature it will become very easy to move data to and from tapes. So there’s a lot of promise with LTO-5 in a lot of di� erent areas for customers.

AK: THE WAY COMPANIES EMB� CE THESE NEW TECHNOLOGIES IS AFFECTED BY THE BO� OM LINE AND BEING ABLE TO PROVE ROI FOR THE BUSINESS. HOW WOULD THE IT DIRECTOR OF A MAJOR COMPANY PROVE THE ROI OF SOMETHING LIKE SCALAR?

RD: If you’re an IT director you probably already have a tape solution in place because it’s been around for a long period of time. Generally, those customers and directors

RD: Yes it is. People are certainly looking at virtualization and they’ve been doing virtualization for a number of years. It continues to hold a strong value proposition for customers.

� is is true particularly with tape. � e way most manufacturers deal with this is they provide a partitioning feature that basically virtualizes the library so you can present multiple virtual libraries to multiple hosts or applications, and by doing so maximize the e� ciency and the utilization of your assets.

With Quantum we o� er a partitioning solution that allows customers to create up to 16 virtual libraries per physical library. We have a number of customers that use this virtualization solution to maximize their e� ciency.

It saves them quite a bit of time when they’re dealing with the management of a single asset, versus up to 16 assets. And it saves them � oor space, power and so on. So in terms of doing more with less, the virtualization or partitioning for tape is something that a lot of customers take advantage of.

In addition to that, Quantum o� ers another solution with their encryption key management. We’re the only provider in the industry who o� ers an encryption key management solution that runs on virtual machines as well. So we’re taking the virtualization value proposition to another level with our products.

AK: QUANTUM HAS RECENTLY RELEASED LTO-5 TECHNOLOGY WITH YOUR SCALAR i6000 TAPE LIB� RY, SO IN VIEW OF ALL THE CHALLENGES THAT ENTERPRISES ARE FACING TODAY, AND NOT NECESSARILY AT THE BO� OM LINE EITHER, CAN AND DOES YOUR NEW IMPROVEMENT ADDRESS THE MOST PRESSING DATA CONCERNS OF THE BUSINESS?

RD: Absolutely. LT0-5 can solve a number of issues, not just from helping customers do more with less or to manage costs, but also to manage the incredible data growth that many customers see, ge� ing their backup on time, and making sure that their archives can � t inside a library and within the equipment they have.

LTO-5 basically doubles the capacity of what you had with LTO-4. A lot of customers generally skip generations between LTO, so those looking at LTO-5 who were LTO-3 customers get a capacity increase of 4x.

Now our customers can store up to three terabytes per cartridge on a single LTO-5

have to look at the comparison of what they’re spending today versus replacing it with something new.

� e � rst piece of that is very similar to what we just talked about with an upgrade of

drive technology. � ese customers will be using something perhaps a li� le older, and as part of an upgrade you can justify it by upgrading to newer drive technology and gaining the bene� ts of ge� ing jobs done faster and reducing your footprint, but still managing the explosion of growth that they’re seeing without spending more in power and footprint.

As well as management time, one of the things that Quantum has excelled at is our iLayer so� ware. Customers come to us all the time and tell us that, compared to what they were using before, they’ve saved up to 75% of the management time they were spending before on older solutions.

We completed a survey recently where 70% of our customers told us they saved up to 50% of the time they spent on managing tape prior to ge� ing our library. � at’s another way they can use to justify the expenditure of a new system. � ey can use that time to get other projects done. In addition, many of our customers � nd reliability increases from one system to the next.

We like to say that our iLayer so� ware is intelligent because we built so many intelligent algorithms over time, we have up to 30,000 libraries out in the � eld, and they’ve been in customer environments for many years.

When we receive data back from those libraries we can constantly monitor what kind of errors have happened, what the best way of avoiding those errors is, and give customers proactive notice that something is about to happen and to � x it before it happens.

We’ve noticed a couple of di� erent bene� ts from that iLayer so� ware. � e � rst is that the service calls go down by 50%. � e second thing is that when a service call is necessary, the time

ASK

TH

E EXPERT

D

ATA STO

� GE A

ND

TAPE T

ECH

NO

LOG

YOG

Y

49

“... customers have realized big

savings by implementing a Scalar i6000 and using partitioning to

virtualize their environment.”

IntroductionBasking in the promise of bringing greater e� ciency, supportability, accessibility and cost e� ectiveness in optimizing IT infrastructures, cloud computing is evolving toward a set of powerful consolidating architectures for delivering IT and business services.

Although commonly built upon long established technologies—virtualization, grid computing and clustering etc.—the concepts behind cloud implementations are still fairly young. We are still only on the verge of cloud computing proliferation.

EMA research results identi� ed only 16% of organizations that have seriously or broadly considered cloud computing for their IT services (� e Responsible Cloud, EMA, 2010), indicating an explosive potential for future growth as the value proposition becomes more widely accepted.

Cloud computing implementations have the potential to drive signi� cant improvements in operational e� ciency and reductions in operational expenditures.

To ensure reliability and e� ciency in a cloud infrastructure, however, organizations must adopt service management practices and infrastructure designs consistent with what EMA has referred to as “� e Responsible Cloud”.

� is is a new paradigm for a well-managed, secure, reliable and compliant cloud that delivers consistent and e� cient business services. Organizations can achieve � e Responsible Cloud with the introduction of key disciplines and by enabling management tools that aid in appropriately sizing the infrastructure, ensuring high-availability and minimizing operating expenses while ensuring that SLAs are met and user experience remains as good as, or be� er, than it was before the introduction of cloud services.

Cloud and � e Responsible CloudCloud computing and the preferred delivery modelCloud computing, as de� ned by the US National Standard Institute of Standards and Technology (NIST), is a delivery model for enabling on-demand access to a shared resource that can be reusable, rapidly recon� gurable and accessible with li� le manual intervention.

Cloud computing is less a new revolutionary technology than it is a way of using technologies more creatively and dynamically in support of service delivery. � rough cloud, organizations can achieve economies of scale and o� er self-service to

AN

ALYST

FEATU

RE

CLO

UD

CO

MPU

TIN

G

52

The Road to The Responsible Cloud

With the benefi ts of cloud computing well under-stood, well-prepared enterprises show one element that stands out in common—a richly automated, well monitored, and effectively provisioned array of cloud and hybrid services. This is what EMA calls: “The Responsible Cloud.” ALBERT LEE (ENTERPRISE MANAGEMENT ASSOCIATES) says that consistency in designing cloud comput-ing infrastructures and diligence in applying service management best practices are the keys to The Responsible Cloud.

application and infrastructure resources that are available on demand.

� ere are numerous organizations taking on this challenge of building more � exible, service-oriented networks using existing products and methodologies.

Cloud implementations can be o� ered internally (privately) where the cloud infrastructure is operated solely for an organization’s internal purposes over on-premise infrastructures or o� -premise data centers. Or cloud implementations can be serviced publically over the internet through a variety of established and emerging service providers.

A hybrid approach with a standardized but versatile set of options for the transport and portability of data and applications is also valid and will likely to be the most popular form of cloud computing.

At the very least, this is an essential transition state for organizations with signi� cant existing service deployments and, for many, will likely remain a desirable end state for leveraging cloud computing.

According to EMA research, while public cloud has gained the most publicity, private cloud has seen by far the largest adoption with 75% of organizations planning to adopt a private cloud of which 84% include on-premise deployments.

� e same research also shows that the majority (52%) are choosing a hybrid (on-premise/o� -premise) deployment model. � is is mainly due to the concerns with public cloud in terms of security and compliance, performance and availability, and above all, politics.

� e process issues of assigning ownership and responsibility for consistently managing change, for instance, across an entire ecosystem of organizations some of which are most likely competitors, have yet to be well de� ned even as questions, let alone answers.

EMA likes to call this ITIL 7.5. All of these concerns are much more easily assuaged when they are within the direct control of the organization itself, within a private cloud.

Responsible CloudCareful planning and step-by-step process improvements should be employed to achieve T he Responsible Cloud when developing on-premise and private cloud deployments.

� ese types of deployments require a cloud implementation that is well managed to support the delivery of secure, compliant and high-quality business services. More haphazard approaches can result in a failure to meet

business expectations and, in some cases, may have to be redone.

In an EMA survey of businesses that have deployed a cloud infrastructure, 28% actually saw an increase in operational expenses and 30% reported decreased � exibility, principally due to inadequate management practices.

Ensuring value in a cloud investment begins with deployment and continues through the entire lifecycle of the infrastructure.

Constructing the right infrastructure foundation for Responsible CloudCloud characteristicsAccording to NIST’s de� nition, cloud computing o� en leverages the following common characteristics: massive scale, homogeneity, virtualization, resilient computing, low cost so� ware, geographic distribution, service orientation and advanced security technologies.

Based on these common characteristics, the guidelines can become useful and relevant in infrastructure deployments:

• Rapid elasticity—� e rapid and elastic provisioning capabilities of cloud service.

� is requires capabilities to enable the quick scale out, rapid release and facile retirement of cloud services. To accomplish this, it is critical to account for implicit or explicit resource limitations, with clear visibility into the impact and interdependencies of complex scale out requirements.

• Resource pool—Resources must be made available on-demand to provide a non-disruptive supply of computing resources. � e resource pool should include storage, processing, memory, network bandwidth and virtual machines.

• Self-service—On-demand self-service requires immediate resource or service provisioning without human intervention through well designed capabilities for automation.

• Access (broad network access)—Standardized access mechanisms that are transportable across multiple heterogeneous platforms.• Utility service (measured service)—Abstraction and automation of resource usage to provide control and optimization of resources. Resource usage can be monitored, controlled and reported providing transparency

Figure 1: � e NIST cloud de� nition framework (Source: E� ectively and Securely Using the Cloud Computing Paradigm, NIST, October, 2009)

Hybrid Clouds

Community Cloud

PrivateCloud

PublicCloud

Software as aservice [saas]

Platform as aservice [paas]

Infrastructure as a service [iaas]

On Demand Self-Service

Broad Network Access

Resource Pooling

Massive Scale

Homogeneity

Virtualization

Low Cost Software

Resilient Computing

Geographic Distribution

Service Orientation

Advanced Security

Rapid Elasticity

Measured Service

AN

ALYST

FEATU

RE

CLO

UD

CO

MPU

TIN

G

53

Follow the fl ight path

HEA

D TO

HEA

D

PROJEC

T M

AN

AGEM

ENT

56

h� p://www.GlobalETM.com

MARK KENNY (ENTERPLICITY) talks to ETM’S ALI KLAVER about the fi ve lessons that project management can learn from aviation.

HEA

D TO

HEA

D

PROJEC

T M

AN

AGEM

ENT

57 AK: TELL US ABOUT YOUR COMPANY—WHAT DO YOU DO AND HOW DO YOU HELP OTHER ORGANIZATIONS?

MK: First, we develop a tool called EnterPlicity, which is a project information system that focuses on four aspects.

It extends project management tools such as Gan� charts and similar things to everyone so they have the tools to work be� er. It shares all types of project information like documents, time and costs to reduce all the sca� ered information out there. It automates some of the key processes so people can focus on what ma� ers and it analyzes data through reporting for be� er decision-making.

� at’s the primary thing we do, and we’re a li� le di� erent in that a lot of larger organizations will do a big implementation of Sharepoint and maybe Microso� Project Server, but we focus on what we call the mid-market and companies that don’t have the budget, time or the stomach for the complexity that something like that entails.

EnterPlicity provides similar functionality in one system with less cost and less or no technical resources and they’re a lot easier to get into. We also help companies that have Sharepoint to use it be� er and tack on some project management capabilities to make it a good project information system for them.

AK: IN THIS DISCUSSION WE’RE TEAMING PROJECT MANAGEMENT WITH AVIATION WHICH IS QUITE AN INTERESTING APPROACH. WHY IS AVIATION A GOOD SOURCE?

MK: If you think about it, a lot of project management is based on risk and the need to produce predictable outcomes. We create scope documents to reduce the risk of creating the wrong thing or not meeting stakeholder objectives and expectations—plus monitor project schedules to reduce the risk of being late.

We need our projects to be predictable and manage risk so the organization can rely on them and create and implement strategies—and therefore make them happy. � at has been the focus of aviation for a long time—properly managing risk to produce those safe and predictable outcomes.

I think we’ve all heard how statistically safe airlines are. Granted, we complain about delays and things like that, but when the plane takes o� it generally gets to its destination—there’s a predictable outcome there.

Why is that? It’s not because there’s no risk—there is inherent risk in aviation—it’s

because they’ve done such a good job of managing that risk and pu� ing the right things in place to produce a predictable outcome.

I think there’s a lot that we can learn from aviation because those are some of the similar types of things that we’re trying to learn from or that we’re trying to do in project management. It’s a fresh, new way of looking at it and I think there’s something we can learn that aviation has learned already.

AK: WHAT CAUSED YOU TO BE INTERESTED IN AVIATION AT THE START, AND TO D� W THESE LESSONS AND LINK THEM BACK TO PROJECT MANAGEMENT?

MK: I personally have a pilot’s licence, and I’m not an airline pilot but I almost went into that as a profession. I love everything about � ying. I’ve also been involved in project management, both as a project manager and by helping organizations implement EnterPlicity.

Recently I was reading an article in an aviation magazine called: “15 Ways to Become a Be� er Pilot”. It struck me just how many times I’ve seen similar articles like that about project management.

For some reason that really stayed with me and as I looked into it more I realized that there are a lot of carry over lessons there, and that’s what got me interested in the link between the two.

AK: ONE OF THE LESSONS YOU’VE IDENTIFIED IS PREDICTABLE PROCESSES—TELL US A LI� LE BIT ABOUT THAT.

MK: When you � y, you can’t do things on a whim, and airlines in particular obviously have speci� c procedures that you follow.

When an airliner comes in to land there are certain things to do at certain times—when the � aps come down, when the landing gear comes down, and the speci� c route to � y for a speci� c airplane and airport.

Do you � y much Ali?

AK: I TEND TO GO HOME TO AUST� LIA FROM LONDON AS OFTEN AS I CAN, AT LEAST ONCE A YEAR.

MK: Have you noticed that at some airports you � y into it’s just a simple � y in and land procedure, and then at other airports it feels like you’re zigzagging all over the place before you get to the airport?

AK: ABSOLUTELY.

MK: � ere’s a reason for that. Some of the busier airports have a very speci� c procedure that all the airplanes are following that tells them exactly where to go, at what altitudes, and what route to take to get down to the runway. � ose are some examples of procedures.

If you remember the Hudson River ditching with Captain Sullenberger and First O� cer Skiles—that was an emergency and they knew exactly what to do. Sullenberger took control of the aircra� and Skiles started looking at the appropriate checklist and processes.

� ere’s a lesson there for project management. In project management we tend to make the same mistakes over and over again, so we needed to � nd be� er systems and processes even for something as simple as starting a new project, reporting or scoping, or how we assign resources to a project. � ey need to be predictable and repeatable.

One of our clients is a manufacturer of gas burners to the appliance industry and they’ve been using EnterPlicity for years now. One of the problems they had before was that they couldn’t deliver products on time or create predictable schedules—and of course customers generally weren’t thrilled with that.

Several years ago they decided to do two things. First, they developed a systematic process for how they engineer a part; how they create a project schedule and communicate that to clients. In other words, before they initiated a project and gave the customer a date, they

“... when we do training for EnterPlicity

we try to get people to focus on the process... instead of just focusing on

training on these features.”

ASK

TH

E EXPERT

EN

TER

PRISE PO

RTFO

LIO M

AN

AGEM

ENT

60 h� p://www.GlobalETM.com

JERRY MANAS (PLANVIEW) is a best-selling author and Planview’s senior writer and editor of PRISMS best practices. ETM’S ALI KLAVER talks to him about his most recent foray into demystifying resource management.

The Capacity Quadrant

AK: TELL US A BIT ABOUT PLANVIEW AND HOW YOU CAME TO WORK WITH THEM?

JM: Planview is the market leader in enterprise portfolio management solutions, what we call EPM. For those who don’t know, EPM tools focus primarily on project portfolio management, project management and resource capacity planning.

In our view it’s a li� le bit broader and we include things like service portfolio management, application portfolio management and product portfolio management which is becoming a hot item.

We integrate all of that in a holistic fashion and call it end-to-end portfolio management. Together, it helps bridge the gaps that usually exist between strategy, operations and � nance, and that’s where we � nd most of the gaps happen in organizations. Most companies tend to look at the various operational components in silos and not as part of an ecosystem.

AK: LET’S DIVE IN AND DISCUSS THE CAPACITY QUAD� NT FROM YOUR RECENT WHITE PAPER. WHAT DO YOU MEAN BY THIS, AND IS IT A NEW TERM?

JM: It is indeed a new term. Over the years I’ve done a lot of research on common challenges for organizations and one issue that consistently appears at the top is resource capacity management—how do we take on all this work with limited resources and how do we best use those resources?

When I decided to tackle the problem in a white paper for Planview I used many observations from my years in management, plus my years of articles on the subject, but this time I decided to look at the problem more holistically and create a framework around it.

What emerged was that capacity planning requires four distinct disciplines. Visibility is � rst, and by that I mean broadening your view of capacity, demand and a number of other related areas.

We take quite a broad view and I think we’re somewhat of a thought leader in that aspect.

As for how I came to Planview, a number of years ago I was actually a customer of sorts. I was a consultant and implemented Planview at a number of large accounts, and then about a year ago I was asked to edit and provide comments for a book called Taming Change, wri� en by Planview CEO Pat Durbin and Terry Doerscher, our chief process architect.

In the book, they talk about using portfolio management more broadly as an alignment tool to be� er adapt to the relentless change that we all know and love today.

A� er I did the editing they told me they needed someone to write best practices for Planview, and ideally someone who’s a writer but also had a background as a practitioner. I seemed to � t the bill.

I liked their forward-thinking approach in the book and it also echoed the company’s approach. For me it was a no-brainer—it was a great � t, and that’s how I came to Planview.

ASK

TH

E EXPERT

EN

TER

PRISE PO

RTFO

LIO M

AN

AGEM

ENT

61 Prioritization is another area, and that’s

about understanding what’s important, and then optimization is the third one which is about focusing on e� ciency and value.

People tend to want to start with optimization, but � rst you need be� er visibility and you need an understanding of what’s important. A lot of organizations jump right in and don’t spend as much time as they should up front.

Finally, there’s iteration, the idea that planning happens at multiple levels, is cyclical, and happens by multiple parties.

� ose are the four main areas and I decided to call it the Capacity Quadrant.

AK: LET’S START WITH A DISCUSSION ON VISIBILITY. YOU ALSO SAID THERE ARE A NUMBER OF WAYS TO BROADEN VISIBILITY FROM A SUPPLY AND DEMAND PERSPECTIVE. CAN YOU TELL US MORE ABOUT THAT?

JM: � e way I see it is that there are three lenses of visibility. � ere’s the demand lens—to look at all the planned work competing for resources’ time. A lot of organizations look at one section of work, or only projects, but when you look at all the work that’s competing for resources’ time, and by this I mean all the planned work, then you start to get a true picture of demand.

Likewise, the capacity lens is about seeing true availability—we need to be able to look at our resource hours but then subtract the estimated time o� from the allocated planned work that they have, and we need to subtract the estimated administration time and the unplanned work such as the support work they do.

At Planview, we call these standard activities. � e idea is to be able to estimate, on a percentage basis, how much time people are spending on things like administration, operations and things that are ongoing but not necessarily discrete planned work.

� is is so important because a lot of the time people are available a lot less than they think they are. You’ll think someone is available 80% and it turns out they’re only available 40% when you take into consideration all the other things they’re doing.

So we need to look at the full spectrum of planned work for the demand, we need to look at the true availability for capacity, and then there’s what I call the system lens, or hidden demand. � at refers to all those barriers to e� ciency that decrease people’s availability.

It’s not just the obvious planned projects and estimated operations and support, there

are hidden things that also decrease availability such as knowledge sharing capability, ine� cient organizational structure, collaboration technology, cultural issues, teamwork, an overly complex approval process where checklists might be be� er, redundant process steps, any leadership issues, excessive multi-tasking and so on. Also, your intake � lters that � lter out the demand that is not worth doing.

� is is just a partial list but it’s what I mean by taking a holistic view of capacity and demand around true availability and the full spectrum of demand, then there are the hidden demands or the productivity killers that tend to decrease availability.

AK: YOU ALSO MENTIONED PRIORITIZATION. HOW CAN COMPANIES BE� ER PRIORITIZE THEIR DEMAND, AND ARE THERE ANY TRENDS YOU’RE SEEING HERE IN TERMS OF CRITERIA FOR SCORING OR CATEGORIZING THE DEMAND?

JM: � ere are a number of aspects to this. First of all, with prioritization there’s alignment with the organization’s goals, the objectives, and the product or service road map. Looking at alignment with products and services is certainly an emerging trend and one we’re on top of at Planview.

So we have the organizational objectives and how to align them with the road map, and then we can begin to look at the bene� ts and the risks.

Organizations are familiar with assessing bene� ts and risks, but I think there’s a trend towards a broader view of scoring. With bene� ts, this not only includes � nancial but also strategic, market and internal process bene� ts. I think organizations are spending more e� ort looking at a broader, more business-like view of bene� t scoring.

It’s the same with risks where we need to look at technical risks or program complexity and even things like achievability—do we have the capacity to do this, the resources and the right people?

With market or � nancial risks you’ll � nd that organizations tend to not look at them too closely, but I think there’s a trend towards looking more at those aspects. In general you’ll see a common theme here. � ere’s a conscious e� ort to look at things in a broader business and market context and I think those who don’t will fall behind.

Finally, there’s the categorization of the work and that also helps with prioritizing. I’ve seen companies use a number of approaches,

what I call importance-based categories like mandatory, strategic, discretionary or base services. � en there are bene� t-based categories where an initiative can be classi� ed as being for growth, e� ciency, reliability or some other bene� t.

� e key is to look at work in a variety of ways and through multiple category lenses.

AK: THE THIRD AREA WAS OPTIMIZATION WHICH IS ALL ABOUT MAKING MORE EFFICIENT USE OF LIMITED RESOURCES. WHAT METHODS AND TOOLS WOULD YOU SUGGEST FOR THIS?

JM: � is is certainly an important area, and once you have the clear visibility of capacity and demand and those productivity killers, along with a good sense of priority through your categorizations and alignment, you can start to focus on making e� cient use of the resources. � ere are a number of ways to do that.

One of them is to address all the systemic barriers we talked about earlier—those productivity killers when we were talking about visibility—so right o� the bat you can gain some e� ciencies there.

� ere are also lessons to learn, believe it or not, from the military. I wrote a book about the lessons we can learn from Napoleon who is widely considered a brilliant master of strategy and organization.

One concept he created, later called economy of force, is still in use today in the US military and in other countries as well. � e idea behind it, and I think it applies to business, is to focus the maximum e� ective amount of resources on your primary objectives.

� at seems like an obvious statement, but maximum e� ective means that there is a maximum e� ective amount, and if you go beyond that it actually makes it less e� ective because you’re starting to add communication channels and all those other issues that create complications and confusion.

So the maximum e� ective amount of resources should focus on your primary objectives. On your secondary objectives, allow the minimum e� ective amount—just enough to keep it going but not so li� le that it’s all of a sudden going to become a major objective by default.

It’s a very subtle art, but the idea is to focus your resources on your primary objectives, and the secondary objectives should have the minimum e� ective amount. Just enough to keep the lights on. � is gives people more focus toward their key objectives.

exec

ut

Ive pa

nel

co

rpo

ra te per

for

ma

nc

e ma

nag

emen

t

64

Corporate performance management software is no longer just for the most sophisticated or progressive companies, it’s some-thing that has been made available and attainable for just about any sized enterprise. SHAWN ROGERS (ENTERPRISE MAN-AGEMENT ASSOCIATES) moderates a panel podcast with the expert opinion of JON KONDO (HOST ANALYTICS), GEOF-FREY NG (PROPHIX SOFTWARE) and TONY LEVY (IBM).

top of the food chain

h� p://www.GlobalETM.com

sr: I’d lIke to ask the panel about theIr thoughts on the three most common mIstakes that companIes make when they’re plannIng a cpm strategy. Jon, let’s start wIth you—from your experIence, what do people need to avoId?

Jk: like a lot of things, if you jump in ahead of taking the time to think about what you’re doing you are prone to making mistakes. The three areas that I often see mistakes in are as follows.

one is that companies assume that a system will do it all. The system is only part of the solution and needs to include the people, the processes and the overall philosophy across a company that performance management is important. a robust solution helps to enable that but it has to be across the company.

The second area would be assuming that you have to get your cpm solutions set from an erp vendor because it’s going to be more integrated or included, so to speak. what we find is that when companies look across the business there is actually data coming from lots of different areas, so having it integrated from an erp vendor isn’t necessary and oftentimes is cumbersome.

The third area is waiting for the all-encompassing cpm project to be done, a year-long project. I think it’s more important that you do it in a phased approach with quick wins because what often happens is that people find it’s an interesting piece of discovery and that it would be great to add more functionality to it.

If you can iterate multiple times and have the flexibility to do that, you get to a more valuable solutions set in a much faster fashion. so those are the three areas I’ve seen from my experience.

gn: I agree with some of the things that Jon mentioned. In my observation and when working with various customers around the world, one of the biggest challenges is that they often try to do too much at one time.

In my experience the really successful organizations whose projects have yielded significant business value are those that have taken a more incremental or phased approach usually beginning with an extremely focused initiative, whether it be planning, forecasting or reporting, and not trying to do everything at once. cpm is about the people and the strategies in place.

also to Jon’s point, I think the other thing is that cpm is not simply about the technology—

busIness management, but what are the best ways that you see to brIng them together around these types of InItIatIves?

gn: It is vital that there is executive sponsorship for all cpm strategies to break across often silos within the organization. after all, cpm is really about collaborating and sharing information so that it can be analyzed and measured and so that decisions can be made. This needs to be ongoing and not just last for the duration of the cpm implementation project which is what sometimes occurs.

In some organizations an individual is designated as a leader of the cpm strategy, or a group of individuals are designated leaders following the best practices group. They are responsible for defining a strategy for successful deployment and then nurturing it afterwards.

This is usually an individual or a group of people with great communication skills, business acumen and who understand technology usage. ultimately, this person or group of people has to break down silos between departments which I think is vital.

as also mentioned earlier, I think that getting business stakeholders and It together is quite important during the cpm planning stages so that both sides understand the opportunities and challenges once the overall strategy has been crafted—there needs to be a well defined set of responsibilities.

people need to know who is doing what and this is important because It needs to recognize and accept that business management has rapidly changing needs and can always fully predict ahead of time what their data requirements are.

equally well, business management needs to recognize and respect that delivering accurate and timely data cannot always be done instantly and that the data they require may not even be available.

due to these issues I think it’s important for mature organizations to have these groups together so there is proper communication during that process. That way you can ensure that you select the correct kpI’s and can back it up with the data available so It can get that for you.

tl: I would add to those observations that both business and It need to understand each other. I’ve observed in some of our clients where the top performers almost merge a career crack. a person in It goes back, gets a cpa, works in finance, and then comes back into It.

therefore don’t let it become the centrepiece of the solution. It is about defining the strategy and having management buy into the overall process.

so when defining a cpm strategy you want It to be your partner along with the business stakeholders when decisions are made.

tl: I want to build on geoff ’s comments. he highlighted the lack of strong executive sponsorship as an obstacle; I would echo that and say that the executive support needs to encourage new tools and deploy new practices that will both automate and ultimately transform their critical processes.

geoff also mentioned the lack of a strong partnership between business and It as another obstacle. I would highlight one other obstacle that we often see and that is lack of clear vision and road map for a performance management journey.

we find that successful companies generally follow at least a three step road map. The first step is that they recognize the opportunity to automate what is largely manual spreadsheet-based approaches to planning reporting and analysis.

The second step is to adopt best practices—for instance, looking at both the leading and lagging indicators; treating highly variable and material kpI’s differently from low variability and low materiality kpI’s; enabling rolling horizons for planning and forecasting; and designing business drivers into their processes, just to name a few.

The third step is something that you echoed earlier in your introduction, shawn—to extend enterprise life. often these initiatives seem to be spearheaded by the finance department, but there is significant value that can be unlocked when it is extended beyond finance to integrate operational performance management processes with financial processes.

sr: the InteractIon between It and busIness management Is clearly Important, and obvIously a culture or a foundatIon wIthIn the organIzatIon needs to be present to make these InItIatIves successful.

what Is the best way to get It and busIness management InteractIve around thIngs lIke what data they need to select, how to defIne and determIne kpI’s, and In the end, how to execute around cpm? there Is always a gap between It and

exec

ut

Ive pa

nel

co

rpo

rat

e perfo

rm

an

ce m

an

agem

ent

65

Preservation Preservation Preservation andandand privacyprivacyprivacy

ASK

TH

E EXPERT

IN

FOR

MAT

ION

IN T

HE C

LOU

D

74

SIMON TAYLOR (COMMVAULT) says that, in order to migrate, move and manage information in the cloud regardless of the business or IT driver, it’s essential to involve experts in the field to establish a methodology around how you’ll do it.

h� p://www.GlobalETM.com

AK: THERE’S QUITE A LOT OF BUZZ AROUND THE WORD “CLOUD” TODAY IN TERMS OF BOTH IT AND BUSINESS INFORMATION SERVICES. COULD YOU PROVIDE MORE INSIGHT INTO WHAT CLOUD ACTUALLY MEANS AND THE TYPES OF CLOUD, PARTICULARLY IN REFERENCE TO HOW THEY MANAGE INFORMATION?

ST: Actually, “cloud” is probably one of the most misused terms right now. People use it to describe all sorts of collections of services, whether it’s for eDiscovery in the legal world and moving information to legal cloud providers, or for storage services that people require for moving data o� site. For example, Microso� Azure, Iron Mountain and those types of companies that o� er speci� c cloud storage services for the long term retention of data.

Realistically, I think clouds themselves fall into a couple of types. One is a private cloud, and the other is a public cloud. � e di� erence between the two is very simple. A private cloud is something that describes a collection of services or utilities inside an organization that people can contract to or get a service from through a single simple interface.

For instance, if you took a storage vendor type model you’d � nd that they would create a private cloud storage facility where you would write information to one place, using one set of interfaces, and it would be stored internally with a set of capabilities around that.

In contrast, public cloud is very much an external service, utilized across multiple di� erent organizations.

You o� en � nd that if you contract to a particular service with an external cloud provider, that service is delivered o� a platform that multiple other di� erent organizations are contracting to at the same time.

It does raise some concerns, but of course you get their economies of scale because the actual provider themselves is able to host more from that one platform.

� e downside is that your information is intermingled with other peoples’, whereas a private cloud is inside your organization and therefore o� ers a lot more security around what you do internally.

AK: DOES THIS MEAN THAT CLOUD IS SOMETHING NEW, OR A NEW DEFINITION FOR SOMETHING WE’VE BEEN DOING FOR SOME TIME?

ST: I think that cloud isn’t something providers were doing around capacity

INFORMATION IN A CLOUD?

ST: I think there are a lot of di� erent use cases in this area. People tend to move stu� into a cloud, whether it’s private or public, due to cost. � ey’re looking to do things more cheaply.

A private cloud, a collection of all the available assets of an organization, or more importantly a particular vendor or set of providers involved, allows people to get be� er economies of scale over the investments they’ve made.

If they’re contracting with one particular vendor then they can have the whole organization utilizing that service, so it becomes a be� er way of managing cost, for example.

If you think about information clouds internally—the ability to have records managed in a single place with a single set of de� nitions in terms of retention, and how those are coordinated over time—it becomes a very viable proposition in that there’s almost a private information cloud in an organization.n.

Public clouds have a huge part to play in cost because smaller organizations don’t want the investment internally, and so reduce costs through contracting to external services under the same sort of model. But of course, the costs are a lot cheaper because of the multi-tenanting and multi-hosting that’s going on in the external public clouds.

I think one of the key drivers right now is retention. For instance, people are moving data o� to these places because they need to reduce costs, but more importantly, they know they need to keep it. � ey don’t necessarily want to have it clogging up their own internal systems, but they want to move it somewhere else so they can still get access to it but can do so aligned to a more long-term retention strategy.

Built into that is how the costs of retrieval and the expenses around that are managed in terms of people looking at that information over a period of time. � ere’s also a third area which is more around risk and the outsourcing of liability.

As we’ve seen in certain compliance and eDiscovery scenarios, people who know they have to preserve types of information on a regular basis are starting to contract to external eDiscovery cloud providers, or legal

management probably around 10 years ago. Some of the leading companies in that

space have been storage vendors who were providing hosted services to organizations that, depending on the demand of the organization, gave additional capacity and provided it in such a way that it was fairly seamless to the organization.

Consequently, what we end up with is a scenario where that model has been taken forward with added services capabilities, and then internally has become a provision of a range of capabilities that not only provide business information access but a way of storing and managing records, � nding them, and knowing that they only have to go to one place to do that.

It’s also a consolidation of the assets of an organization from an IT point of view. � ey can reuse additional space in di� erent parts of the organization right to a single point where that data is managed, protected, stored, retrieved, and recovered a� er a disaster and things like

that—all built in. So yes, it’s an evolution, and if we look to

see what’s happened with, for instance, email—you � nd that people have adopted an external service model that is obviously more of a public cloud model around hosting email as people have outsourced that whole requirement.

� e outsourced service provider model has also matured into a public cloud model as well where people think about how simple this could be; “I’m going to go on the internet, � nd a H� P type-interface, and write stu� to it, ge� ing secure references to the information I write”.

Ultimately, it becomes a lot simpler to do that. When we think about the public cloud, the birth of the internet, and the ability to connect to these di� erent types of services over the internet almost seamlessly and simply—these are what has spawned the public cloud enthusiasm we’ve been seeing over the past few years.

AK: THE CLOUD SEEMS LIKE IT WOULD HAVE A LOT OF SECURITY AND DATA PROTECTION CONCERNS. COULD YOU PROVIDE SOME BACKGROUND AS TO WHY PEOPLE WOULD STORE BUSINESS

ASK

TH

E EXPERT

IN

FOR

MAT

ION

IN T

HE C

LOU

D

“Involve “Involve “Involve some expertsome expertsome expert help so that you help so that you help so that you some expert help so that you some expertsome expertsome expert help so that you some expert help so that you some expert help so that you some expertsome expertsome expert help so that you some expertdon’t have todon’t have todon’t have to

some expertdon’t have to

some expertsome expertsome expertdon’t have to

some expertdon’t have to

some expertdon’t have to

some expertsome expertsome expertdon’t have to

some experttrytrytry to to to try to trytrytry to try to try to trytrytry to try anticipateanticipateanticipate

some expertanticipate

some expertsome expertsome expertanticipate

some expertanticipate

some expertanticipate

some expertsome expertsome expertanticipate

some expert help so that you anticipate help so that you help so that you help so that you anticipate help so that you anticipate help so that you anticipate help so that you help so that you help so that you anticipate help so that you some expert help so that you some expertanticipate

some expert help so that you some expertsome expertsome expert help so that you some expertanticipate

some expert help so that you some expert help so that you some expert help so that you some expertanticipate

some expert help so that you some expertsome expertsome expert help so that you some expertanticipate

some expert help so that you some expertanticipate

some expert help so that you some expertanticipate

some expert help so that you some expertsome expertsome expert help so that you some expertanticipate

some expert help so that you some expert help so that you some expert help so that you some expertanticipate

some expert help so that you some expertsome expertsome expert help so that you some expertanticipate

some expert help so that you some expert and and and

work work work thoughthoughthough all the all the all the issues yourself.”issues yourself.”issues yourself.”anticipate

issues yourself.”anticipateanticipateanticipate

issues yourself.”anticipate

issues yourself.”anticipate

issues yourself.”anticipateanticipateanticipate

issues yourself.”anticipate

75

AN

ALYST

FEATU

RE

VIRT

UA

LIZAT

ION

SECU

RIT

Y

78

Still a lot of work to do…

A lot of CIOs and CISOs don’t do upfront research and put enough thought into looking at virtualization security for their

organizations. MARTIN KUPPINGER (KUPPINGER COLE) says that this is a must if security targets are to be met, and to move

forward with a successful cloud computing platform.

You could claim that virtualization security isn’t a hype topic anymore. Yes, correct—it is a real topic now and relevant for most organizations today. However, a recent survey of Kuppinger Cole, supported by CA Technologies, unveiled that there is still a long way to go for most organizations.

Given that, focusing on doing the home work in virtualization security is a must for CIOs and CISOs to ensure that security targets are met and to build the foundation for successful cloud computing in IT.

Virtualization is a key technology in today’s IT environments. However, there are several types of virtualization with somewhat di� erent value propositions. It comes as no surprise that the primary focus of organizations is server virtualization and storage virtualization.

By the end of 2012, over half of the organizations surveyed expect to have deployed server virtualization to more than 50% of their systems in production environments. A third of the organizations expect to have deployed storage virtualization for more than 50% of the systems. � e numbers for desktop virtualization and application virtualization are signi� cantly lower.

From the Kuppinger Cole perspective, these numbers show the gap between the hype around virtualization and its real, phased implementation especially when looking at production environments.

Interestingly, organizations rely typically at least on two di� erent virtualization technologies, with VMware being the clear leader but others including Citrix and Microso� becoming strong followers.

� e major driver for virtualization is that of IT operational e� ciency. � is is rated as the major driver or at least a driver by more than 90% of the organizations. Another important driver is the control of IT costs—however, virtualization is just a technical element. Full control requires a strong service accounting and thus service management.

Interestingly, the least important drivers are the preparation for cloud IT and the ability to meet green IT targets. � e fact that cloud IT isn’t a major driver is based on the value virtualization has by itself and the relative immaturity of strategic cloud IT initiatives.

Virtually any respondent is fully aware of the need for virtualization security in these virtualized server and storage environments. However, there are still many inhibitors. � e major inhibitor for implementing virtualization security is the lack of expertise and skills to plan and implement it.

Other critical points are budgets for the upfront costs of implementing virtualization security and the complexity of managing security across virtual environments and platforms. When looking at the overall numbers it becomes obvious that the biggest inhibitor for virtualization security is still the relative immaturity of organizations when it comes to virtualization.

� ere is a lack of expertise and skills; there is also a lack of processes, policies and standards, and a need for improved support for virtualization security from vendors.

Around a quarter of organizations claim that virtual environments in general are less

AN

ALYST

FEATU

RE

VIRT

UA

LIZAT

ION

SECU

RIT

Y

79

Kuppinger Cole

Kuppinger Cole, founded in 2004, is a leading Europe-based analyst company for identity-focused information security both in classical and in cloud environments. Kuppinger Cole stands for expertise, thought leadership and a vendor-neutral view on these information security market segments, covering all relevant aspects such as identity and access management (IAM), risk management and compliance (GRC), cloud security and management, governance and virtualization.

CA Technologies

CA Technologies is an IT management so� ware and solutions company with expertise across all IT environments. CA Technologies manages and secures IT environments, enabling their customers to deliver more � exible IT services. � eir solutions help customers gain a level of deep insight into and exceptional control over complex, mixed IT environments. It’s that level of insight and control that enables IT organizations to power business agility.

HEA

D TO

HEA

D

END

POIN

T SEC

UR

ITY

82

Delving into the specifics of being and staying secure at endpoints is a favourite topic of LANDesk experts ANDY KING and BEN HALL. They talk to ETM’S ALI KLAVER about the fundamentals of endpoint security and how it all starts with knowing exactly what is on your network.

Layer by Layer

h� p://www.GlobalETM.com

Andy has been with LANDesk for over three years. Prior to this he worked for a number of enterprise so� ware vendors. Andy is passionate about ensuring the users get value for money from their so� ware investments and receive the customer service they expect. He states that one of the key reasons he’s with LANDesk is the great ROI.

Andy is responsible for all of LANDesk’s business partners and resellers in EMEA North region, covering UK, Benelux and Nordics.

Andy King | AREA DIRECTOR, UK AND NORTHERN EUROPE

LANDesk

HEA

D TO

HEA

D

END

POIN

T SEC

UR

ITY

83

Layer by Layer

AK: ANDY, START US OFF BY TELLING US ABOUT LANDesk AND HOW YOU CAME TO WORK WITH THEM?

AKing: LANDesk, in one form or another, has been in existence for over 20 years. We are an independent so� ware company. We are one of the only specialists in the market that focus on systems lifecycle management, endpoint security and an ITIL-based service management policy, and they are our three main solutions.

We’re an organization that is 700 people strong, and most of our business goes through business partners so our route to market is through a channel company.

I’ve been in the systems management world for � ve years, and the uptake of systems management technology that is required in the market still amazes me.

BH: Before joining LANDesk I worked for a number of systems management providers in Europe. One of those was actually one of LANDesk’s largest outsourcing companies so it was a natural progression to join LANDesk.

AK: WITH THE � PID ADOPTION OF MOBILE DEVICES AND PERSONAL PHONES AND THEIR USE TODAY, IT MUST BE QUITE HARD TO STAY SECURE AT THE ENDPOINT. IS THIS JUST ONE OF THE CHALLENGES OF ENDPOINT SECURITY IN THE CURRENT MARKET? WHAT MIGHT BE SOME OTHER FACTORS?

BH: It is de� nitely di� cult to stay secure. Here at LANDesk we treat mobile devices no di� erently to laptops or desktops—it’s just another device that needs securing under the endpoint security umbrella.

UNDER THAT ENDPOINT SECURITY UMBRELLA. ANDY, WHAT ARE THE OTHER BASIC FUNDAMENTALS NEEDED FOR ENDPOINT SECURITY TODAY?

AKing: � ere are actually quite a few. What we’re seeing in the market now is a merger between the endpoint security and the endpoint management. It wasn’t so many years ago that those two things were completely separate, whereas now we are seeing them merging more and more because you can’t really secure something that you can’t manage.

Another way of saying that is: You have to know what you’ve got in order to secure it, as well as manage it. � at’s where the overlap comes in.

Is it a security question or a management question to know whether or not there is a certain copy of a certain piece of so� ware on your network which you have deemed to be a security risk? � at could also be a systems problem because so� ware is licensed and so instead you should be worrying about so� ware licensing.

So we’re seeing this convergence and the fact that, fundamentally, you have to know what you’ve got, you have to know who’s using it, and you have to know what they’re using. � ey are some of the core fundamentals.

Once you’ve done that, the next one is—is it patched up-to-date, for example? Is it at the latest release? Do we have some sort of conformity about what’s on our network and what our endpoints are? Are they literally all over the map in terms of operating systems and hardware platforms etc?

� en you get more into about how to control removable media, what you have to do about anti-malware, antivirus and whether you’ve considered remote users and so on. All

Other major factors are obviously roaming users out on the internet. At LANDesk we obviously consider those as very important, but we also realize that the key to endpoint security is a layered approach.

You can’t just focus on one aspect of endpoint security such as only securing antivirus or selecting vulnerabilities—it’s not enough. You need to look at it from a multi-tier approach and consider security compliance, vulnerability, spyware management and policy enforcement as well.

AKing: As we’ll discuss later, what we’re seeing is a huge rise in the number of devices. � e days of somebody only having a desktop are over.

More laptops now are sold than desktops, and most people have a laptop at least—if not a laptop and a desktop. � en they also have some sort of Smartphone.

Nowadays there are other devices, whether they are the Apple brand, or i-something-or-other, that are being used extensively everywhere, or one of its equivalents. And a lot of people are using Notebooks today.

In this world of security management, it’s about � guring out how on earth to manage the user as opposed to the device, because the user is demanding more and more. � ey want to bring their private devices onto the network and companies have to get their heads around how they’re going to allow that. What policies and procedures do they need to put in place? How do they secure them, if they’re going to be a part of the business from now on?

� at’s a huge issue that a lot of end users, and business managers, are trying to get to grips with right now.

AK: SO IT SOUNDS LIKE THERE ARE QUITE A LOT OF ENDPOINTS DEFINED you’ve considered remote users and so on. All

h� p://www.GlobalETM.com

The source

Enterprise search is as much about the tools you use as the way users actually search. BRIAN PINKERTON (LUCID IMAGINA-TION) says that it’s search that has now become a vital part of a user’s everyday life. He talks to ETM’S PINAR GENCTURK.

ASK

TH

E EXPERT

EN

TER

PRISE SEA

RCH

86

PG: CAN YOU TELL ME WHY SEARCH IS SUCH AN IMPORTANT TECHNOLOGY FOR THE ENTERPRISE IT DECISION-MAKER TO KNOW ABOUT?

BP: Search is becoming a huge part of most enterprises in terms of what I would call a � rst class service—that means you know search is the product to be delivered but also that it’s a component of many other applications.

If you take some of the common applications that people are using in the enterprise today—for example, an application such as Salesforce.com—search is a very important part of that application. It’s also an important part of applications that people build on their own, inside the enterprise.

From a � rst class perspective and from a component perspective it has become basically part of everyone’s everyday life. � e users inside the enterprise are all accustomed to searching for information now because it’s how they � nd out what they need to know. So it has to be an integral part of these applications.

PG: HOW IS LUCENE AND SOLR OPEN SOURCE CHANGING THE FACE OF SEARCH? WHAT ARE THE NEW TECHNICAL CAPABILITIES IT INTRODUCES, AND WHO HAS BEEN SUCCESSFUL AT USING IT?

BP: Lucene and Solr have done an incredible job of penetrating the search world because they do two things. One is that they o� er enough full text features to be useful, and they also do that in a way that’s free.

� ey are a modern technology, they o� er incredible relevance and great performance, and they do it in a way that is � exible for the users.

Lucene is an embeddable library that people use to link in with their applications at a low level, and Solr is a much more fully featured search application that people can use. � ey are free but also very accessible to developers so they can pick one of these things up, start running it, and be productive within a day or two.

Within typically a week or a month, depending on the complexity of their application, they are fully up and running and near production levels, so Solr has been great at being accessible, usable and delivering the features that the users need.

In the end I wouldn’t say that they deliver many more technical capabilities than some of the commercial competitors, but what they do o� er they o� er incredibly well so the performance is fantastic, the relevance is great, and it’s all tuneable and very accessible so you

don’t have to call up your vendor if you need access to a certain API.

It has been super successful across a huge variety of applications. We see people using Lucene and Solr in Silicon Valley in what I would call the start-up land where people can’t a� ord commercial solutions. � ey’re all using Lucene and Solr because it’s free. We’ve seen some competitors to Lucene and Solr sprout up because they have been so successful.

In addition, Lucene and Solr have penetrated the enterprise as open source has become more and more acceptable inside the enterprise, so lots of the enterprises running on Linux now see that open source has become accepted practice inside even the most traditional enterprises.

For example, Wall Street and Fortune 500 companies are all using it and have been amazingly successful at building very cool applications using this technology.

PG: LUCID IMAGINATION HAS JUST ANNOUNCED A NEW SUBSCRIPTION PRODUCT OFFERING—LUCIDWORKS ENTERPRISE. HOW IS LUCID’S PRODUCT HOUSING OPEN SOURCE SEARCH?

BP: LucidWorks Enterprise extends Solr and Lucene with features that are commonly needed by our commercial customers. We are focusing on providing technology that makes Lucene and Solr more accessible to more people.

For example, a common need that people have is to get started with search. � ey want to get up and running a lot faster and for some of our customers that means using a user interface instead of con� guring. It means not having to understand the full functionality of search to get up and running, but rather just doing the basics such as � nding data and indexing it.

� ey don’t necessarily want to mess around, at least at the start, with � elds and all the di� erent search parameters that they probably don’t know anything about.

Our goal with LucidWorks Enterprise has been to simplify all the aspects of ge� ing started so that you can get up and running in � ve minutes if your data is already accessible on the web, in a � le system or database.

Another great aspect of LucidWorks Enterprise is that we focused on making it so that people can build what I call completely functional search applications out of the box. If you take the barebones of Lucene or Solr, they are tuned for maximum performance and less emphasis on the features when you take it out

of the box. In order to build up a fully featured search app you actually have to learn about the con� guration and all the aspects of search.

For example, if you want features like auto complete, spell checking, unsupervised feedback to enhance relevance and all those other aspects, then those are features that you have to add on top of Solr.

� ey are available as the part of the open source package but you have to � gure out how they work and turn them on, so it’s not a very friendly experience. We’re taking the opposite approach. We want to give people a great search experience right out of the box and make it as automatic as possible for folks to use.

� e other aspect of LucidWorks Enterprise that we’re focused on is trying to make it easier to integrate into today’s enterprise. If you look at most of these search applications they are like a database—they are standalone islands of functionality that you have to con� gure. � ey don’t necessarily integrate so well with how you want your enterprise to work.

Perhaps you need to write some applications around this in addition to using the search results. � e applications may want to con� gure the search application and app, although it is hard to write the xml � le and then reboot the search server to read that. It would be much easier if there was, for example, an API you could use to con� gure the search server.

LucidWorks Enterprise is con� gurable with the rest of the API, and it has a bunch of extra stu� around the edges like security and connectors that enable it to work in an enterprise environment right out of the box.

PG: WHAT STEPS HAVE BEEN TAKEN TO ENSURE THE STABILITY OF THE OPEN SOURCE SEARCH PRODUCT YOU OFFER?

BP: � at was a very important area for us to focus on because the open source community is moving so quickly that we needed to ensure the product is stable and insulated from that fast moving culture.

At the same time, we want to take advantage of the speed of development because the new features come thick and fast in the open source community and they’re always making extraordinary leaps in terms of performance, resource utilization and things like that.

We have a QA department that we subject Lucene and Solr to, as well as our own code to ongoing continual QA e� orts. We’re stress testing it in terms of load and are also continuously testing the components as they’re developed.

ASK

TH

E EXPERT

EN

TER

PRISE SEA

RCH

87

Events and features 2011ETM is focusing on:

Social media, GRC and managementBUILDING YOUR ENTERPRISE DATA STRATEGYDATES: 13 – 18 February 2011 LOCATION: Las Vegas, NV URL: http://events.tdwi.org/events/las-vegas-world-conference-2011/home.aspx

GARTNER BUSINESS INTELLIGENCE AND INFORMATION MANAGEMENT SUMMIT DATES: 22 – 23 February 2011LOCATION: Sydney, AustraliaURL: www.gartner.com/technology/summits/apac/business-intelligence/index.jsp

3RD INTERNATIONAL CONFERENCE ON WIRELESS INFORMATION NETWORKS AND BUSINESS INFORMATION SYSTEMS DATES: 27 February – 1 March 2011LOCATION: Kathmandu, NepalURL: www.win-bis.com/registrationpage11.php

GARTNER CIO LEADERSHIP FORUMDATES: 28 February – 1 March 2011 LOCATION: Dubai, UAEURL: www.gartner.com/technology/summits/emea/cio/index.jsp

TDWI SOLUTION SUMMIT DATES: 6 – 8 March 2011LOCATION: Savannah, GAURL: http://tdwi.org/sitecore/content/Home/TDWI/TDWI-Events/Events/Solution-Summit-Savannah-2011/Home.aspx

GARTNER BUSINESS PROCESS MANAGEMENT SUMMITDATES: 7 – 8 March 2011 LOCATION: London, UKURL: www.gartner.com/technology/summits/emea/business-process/index.jsp

CLOUD COMPUTING WORLD FORUM: MIDDLE EAST AND AFRICADATE: 9 March 2011 LOCATION: New York, NYURL: http://summits.aberdeen.com/index.php/hcm.html

GARTNER INFRASTRUCTURE, OPERATIONS AND DATA CENTER SUMMIT DATES: 15 – 16 March 2011 LOCATION: Sydney, AustraliaURL: www.gartner.com/technology/summits/apac/data-center/index.jsp

DATA GOVERNANCE CONFERENCE EUROPE 2011 DATES: 21 – 23 March 2011LOCATION: London, UK URL: www.irmuk.co.uk/mdm2011

MOBILE NETWORK OPTIMISATION ASIA PACIFIC SUMMIT 2011 DATES: 22 – 23 March 2011 LOCATION: Bangkok, ThailandURL: www.mobilenetworksasia.com

GARTNER PORTALS, CONTENT AND COLLABORATION SUMMIT DATES: 28 – 30 March 2011LOCATION: Los Angeles, CAURL: www.gartner.com/technology/summits/na/portals/index.jsp

WEB 2.0 EXPO DATES: 28 – 31 March 2011LOCATION: San Francisco, CAURL: www.web2expo.com/webxsf2011

THE SUPPLY CHAIN MANAGEMENT SUMMITDATES: 29 – 30 March 2011 LOCATION: Chicago, ILURL: http://summits.aberdeen.com/index.php/Supply-Chain-Management-Summit/2010-scm-summit-overview.html

GARTNER CUSTOMER 360 SUMMIT 2011DATES: 30 March – 1 April 2011LOCATION: Los Angeles, CAURL: www.gartner.com/technology/summits/na/customer-360/index.jsp

WORLD CONFERENCE: PERFORMANCE MANAGEMENTDATES: 3 – 8 April 2011LOCATION:Washington, D.C.URL: http://tdwi.org/Calendar/2011/04/World-Conference-Performance-Management.aspx

GARTNER CIO LEADERSHIP FORUMDATES: 4 – 6 April 2011LOCATION: London, UKURL: www.gartner.com/technology/summits/emea/cio-forum/index.jsp

CUSTOMER CONTACT 2011, EAST: A FROST AND SULLIVAN EXECUTIVE MINDXCHANGEDATES: 10 – 13 April 2011LOCATION: Marco Island, FLURL: www.frost.com/prod/servlet/summits-details.pag?eventid=198886397&as=attend

GIL 2011: MALAYSIADATE: 12 April 2011LOCATION: Kuala LumpurURL: www.gil-global.com/malaysia/index.html

GARTNER BUSINESS PROCESS MANAGEMENT SUMMITDATES: 27 – 29 April 2011LOCATION: Baltimore, MDURL: www.gartner.com/technology/summits/na/business-process/index.jsp

INTEROP LAS VEGASDATES: 8 – 12 May 2011LOCATION: Las Vegas, NVURL: www.interop.com/lasvegas

SCIP 2011DATES: 9 – 12 May 2011LOCATION: Orlando, FLURL: www.scip.org

EUROPEAN IDENTITY CONFERENCE 2011DATES: 10 – 13 May 2011LOCATION: Munich, GermanyURL: www.id-conf.com

Interested in contributing?

If you’re an analyst, consultant or an independent and would like to contribute a vendor-neutral piece to future issues of ETM, please contact the managing editor: Pinar Gencturk: pgencturk@imipublishing.com

EVEN

tS A

ND

FEAtU

rES

2011

90

“www.globalETM.com”“www.globalETM.com”

To read the

full version of the Q1 2011issue, please go to

“www.globalETM.com”

To read the

full version of the Q2 issue,

please go to

“www.globalETM.com”“www.globalETM.com”“www.globalETM.com”“www.globalETM.com”“www.globalETM.com”“www.globalETM.com”